Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-20494

    In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).... Read more

    Affected Products : cpanel
    • Published: Mar. 17, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-1640

    axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename... Read more

    Affected Products : axiom
    • Published: Jan. 28, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-1010208

    IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver (veracrypt.sys). The att... Read more

    Affected Products : veracrypt truecrypt
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-6348

    Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain p... Read more

    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2310

    SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi applicati... Read more

    • Published: Jun. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2015-4779

    Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4774 an... Read more

    Affected Products : berkeley_db
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2014-3715

    Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB.... Read more

    Affected Products : xen
    • Published: May. 19, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2012-4366

    Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the WAN MAC address, which allows remote attackers to acces... Read more

    • Published: Nov. 20, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-6335

    The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."... Read more

    Affected Products : avg_antivirus
    • Published: Dec. 31, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-3378

    The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink ... Read more

    Affected Products : at-spi2-atk
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-8243

    Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 b... Read more

    • Published: Nov. 01, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-2375

    An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud.... Read more

    Affected Products : iphone_os
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-23194

    Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1).... Read more

    Affected Products : command_centre
    • Published: Jul. 11, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-41861

    The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indicat... Read more

    Affected Products : telegram
    • Published: Oct. 04, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22308

    There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.... Read more

    Affected Products : emui magic_ui
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-43264

    In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.... Read more

    Affected Products : mahara
    • Published: Nov. 02, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-27358

    An issue was discovered in WithSecure Elements Agent through 23.x for macOS and WithSecure Elements Client Security through 23.x for macOS. Local users can block an admin from completing an installation, aka a Denial-of-Service (DoS).... Read more

    Affected Products :
    • Published: Jul. 26, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0982

    In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User inte... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-34671

    Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : internet
    • Published: Oct. 08, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-6614

    A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launc... Read more

    Affected Products : typecho
    • Published: Dec. 08, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293648 Results