Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2011-1679

    ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of th... Read more

    Affected Products : ncpfs
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-5171

    CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-34640

    Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 3.3

    LOW
    CVE-2012-6655

    An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.... Read more

    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-5084

    Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.... Read more

    Affected Products : chrome_os
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2015-2877

    Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAI... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Mar. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2008-3933

    Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.... Read more

    Affected Products : wireshark
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2010-0789

    fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.... Read more

    Affected Products : fuse
    • Published: Mar. 02, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-35005

    This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ... Read more

    Affected Products : teamviewer
    • Published: Jan. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1678

    smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger cor... Read more

    Affected Products : samba
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-38110

    Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to explo... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2024-47738

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no sup... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 3.3

    LOW
    CVE-2013-4277

    Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.... Read more

    Affected Products : subversion
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-3588

    The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.... Read more

    Affected Products : bluez
    • Published: Jun. 10, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3644

    A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they shoul... Read more

    Affected Products : wildfly descision_manager
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-38591

    An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 (August 2021).... Read more

    Affected Products : android
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3574

    A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.... Read more

    Affected Products : fedora imagemagick
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50211

    In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now dete... Read more

    Affected Products : linux_kernel
    • Published: Nov. 08, 2024
    • Modified: Nov. 18, 2024

  • 3.3

    LOW
    CVE-2014-3052

    The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensiti... Read more

    • Published: Jun. 21, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2014-3422

    lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.... Read more

    Affected Products : emacs mageia
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292837 Results