Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2013-2310

    SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi applicati... Read more

    • Published: Jun. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-21345

    In Game Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges neede... Read more

    Affected Products : android
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-9250

    There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the servic... Read more

    Affected Products : mate_20_pro_firmware mate_20_pro
    • Published: Dec. 20, 2024
    • Modified: Jul. 11, 2025

  • 3.3

    LOW
    CVE-2023-21348

    In Window Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Use... Read more

    Affected Products : android
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21346

    In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges... Read more

    Affected Products : android
    • Published: Oct. 30, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-5899

    When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import") the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls Project... Read more

    • Published: Jun. 18, 2024
    • Modified: Sep. 08, 2025

  • 3.3

    LOW
    CVE-2023-21436

    Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.... Read more

    Affected Products : android android dex
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-39978

    ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.... Read more

    Affected Products : fedora imagemagick
    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21759

    Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability... Read more

    • Published: Jan. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-5105

    The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.... Read more

    Affected Products : blender
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-4016

    Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.... Read more

    Affected Products : fedora procps
    • Published: Aug. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-1125

    IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.... Read more

    • Published: Jun. 07, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-0990

    In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional exec... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-1031

    In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25823

    Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.... Read more

    Affected Products : galaxy_watch_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22283

    Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.... Read more

    Affected Products : health
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25827

    Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : galaxy_watch_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-21512

    Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.... Read more

    Affected Products : android android dex
    • Published: Jun. 28, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-2687

    Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.... Read more

    Affected Products : gecko_software_development_kit
    • Published: Jun. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-36878

    Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.... Read more

    Affected Products : find_my_mobile
    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293284 Results