Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-10772

    cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-4670

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log.... Read more

    Affected Products : mac_os_x iphone_os
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-41053

    Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The probl... Read more

    Affected Products : redis
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-26309

    Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.... Read more

    Affected Products : teamcity
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25829

    Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : watch_active2_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-53873

    NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of ser... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2022-25826

    Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : galaxy_watch_3_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-0987

    A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.... Read more

    Affected Products : enterprise_linux packagekit
    • Published: Jun. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22656

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the ... Read more

    Affected Products : macos mac_os_x
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-53877

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2022-25833

    Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.... Read more

    Affected Products : android dex
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-1249

    A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daem... Read more

    Affected Products : pesign
    • Published: Apr. 29, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25830

    Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : galaxy_watch_3_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-53875

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2021-47671

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2022-22598

    An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.... Read more

    Affected Products : iphone_os ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-15096

    A flaw was found in GlusterFS in versions prior to 3.10. A null pointer dereference in send_brick_req function in glusterfsd/src/gf_attach.c may be used to cause denial of service.... Read more

    Affected Products : glusterfs
    • Published: Oct. 26, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-53870

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-53872

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-42331

    In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A u... Read more

    Affected Products : zabbix
    • Published: Nov. 27, 2024
    • Modified: Nov. 27, 2024
Showing 20 of 293647 Results