Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2015-0453

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via vectors related to PORTAL.... Read more

    Affected Products : peoplesoft_products
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-3436

    Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. ... Read more

    Affected Products : xpdf
    • Published: Jun. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-4193

    Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file.... Read more

    Affected Products : merkaartor
    • Published: Dec. 03, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2008-4908

    maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : debian_linux crossfire
    • Published: Nov. 04, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2015-0429

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.... Read more

    Affected Products : sunos solaris
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-13599

    Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q... Read more

    Affected Products : zephyr
    • Published: May. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-4664

    Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.... Read more

    Affected Products : linux_kernel firewall_builder
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-53407

    In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data.... Read more

    Affected Products : phiewer
    • Published: Jan. 15, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2025-27496

    Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver wou... Read more

    Affected Products : snowflake_jdbc
    • Published: Mar. 13, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2019-17401

    libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as... Read more

    Affected Products : liblnk
    • Published: Oct. 09, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-21851

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, arena_htab tests cause a segmentation fault and soft lockup. The same failure... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2023-5449

    A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated.... Read more

    • Published: Oct. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-6331

    An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information.... Read more

    Affected Products : samsung_mobile_print
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2875

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2876

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-11884

    The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0'... Read more

    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-2093

    src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.... Read more

    Affected Products : gajim
    • Published: May. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2016-4486

    The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.... Read more

    • Published: May. 23, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-6224

    ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE... Read more

    Affected Products : ubuntu_linux ecryptfs-utils
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-13033

    In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the li... Read more

    Affected Products : fedora debian_linux lynis
    • Published: Jun. 18, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293589 Results