Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2010-4648

    The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-42095

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15415

    The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) th... Read more

    Affected Products : redmi_5_firmware redmi_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-17054

    atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15387

    The Archos Core 101 Android device with a build fingerprint of archos/MTKAC101CR3G_ARCHOS/ac101cr3g:7.0/NRD90M/20180611.034442:user/release-keys contains a pre-installed app with a package name of com.roco.autogen app (versionCode=1, versionName=1) that a... Read more

    Affected Products : core_101_firmware core_101
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15337

    The Lava Z81 Android device with a build fingerprint of LAVA/Z81/Z81:8.1.0/O11019/1532317309:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that allows any app co... Read more

    Affected Products : z81_firmware z81
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-38116

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2015-2922

    The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a ... Read more

    • Published: May. 27, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-15421

    The Blackview BV7000_Pro Android device with a build fingerprint of Blackview/BV7000_Pro/BV7000_Pro:7.0/NRD90M/1493011204:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) tha... Read more

    Affected Products : bv7000_pro_firmware bv7000_pro
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-42830

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 16, 2025

  • 3.3

    LOW
    CVE-2019-15336

    The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that... Read more

    Affected Products : z61_firmware z61
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-17053

    ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15339

    The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app... Read more

    Affected Products : z60s_firmware z60s
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-17263

    In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are a... Read more

    Affected Products : libfwsi
    • Published: Oct. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-0012

    The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.... Read more

    Affected Products : firefox spice-xpi
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-24003

    Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skyp... Read more

    Affected Products : skype
    • Published: Jan. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-46329

    libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encry... Read more

    Affected Products : connector_for_c\/c\+\+
    • Published: Apr. 29, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2010-5105

    The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.... Read more

    Affected Products : blender
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2018-16252

    FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.... Read more

    Affected Products : event_log_explorer
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2006-1247

    rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293262 Results