Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-8518

    CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user.... Read more

    Affected Products : zelio_soft_2
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 3.3

    LOW
    CVE-2024-28811

    An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.... Read more

    Affected Products : hit_7300_firmware hit_7300
    • Published: Sep. 30, 2024
    • Modified: May. 30, 2025

  • 3.3

    LOW
    CVE-2020-9912

    A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.... Read more

    Affected Products : safari
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20315

    In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Pro... Read more

    Affected Products : android
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18427

    In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-30111

    HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising secur... Read more

    Affected Products :
    • Published: Jun. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-25823

    Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.... Read more

    Affected Products : galaxy_watch_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-36319

    Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.... Read more

    Affected Products : networking_os10
    • Published: Nov. 20, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22283

    Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.... Read more

    Affected Products : health
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-45585

    An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, ... Read more

    Affected Products : fortisiem
    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28903

    An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system.... Read more

    Affected Products :
    • Published: Jun. 28, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2022-25827

    Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log... Read more

    Affected Products : galaxy_watch_plugin
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-39906

    Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.... Read more

    Affected Products : android dex
    • Published: Dec. 08, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-2649

    Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Internal Operations). The supported version that is affected is 16.0. Easily exploitable vulnerability allows low privileg... Read more

    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-30751

    Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-21267

    Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows ... Read more

    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42769

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 3.3

    LOW
    CVE-2020-24366

    Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.... Read more

    Affected Products : youtrack
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3741

    In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.... Read more

    • Published: Jun. 04, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2013-5037

    The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages.... Read more

    • Published: Dec. 30, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293517 Results