Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-3125

    A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. The attac... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5525

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.... Read more

    Affected Products : solaris_cluster
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-5432

    The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.... Read more

    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-3469

    Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.... Read more

    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-10772

    cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).... Read more

    Affected Products : cpanel
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5490

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.... Read more

    Affected Products : flexcube_universal_banking
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-48727

    NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: May. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-33981

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Jun. 18, 2022
    • Modified: May. 05, 2025

  • 3.3

    LOW
    CVE-2016-2877

    IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.... Read more

    • Published: Nov. 30, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-30728

    Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.... Read more

    Affected Products : android dex
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22598

    An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.... Read more

    Affected Products : iphone_os ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-30742

    Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.... Read more

    Affected Products : find_my_mobile
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22656

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the ... Read more

    Affected Products : macos mac_os_x
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-30741

    Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log.... Read more

    Affected Products : find_my_mobile
    • Published: Jun. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-31071

    Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--... Read more

    Affected Products : octopoller
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-31072

    Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `r... Read more

    Affected Products : octokit octokit
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-4774

    Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4779 an... Read more

    Affected Products : berkeley_db
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-37703

    In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking t... Read more

    Affected Products : amanda
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-4946

    Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x bef... Read more

    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-5044

    The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets.... Read more

    • Published: Nov. 08, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293308 Results