Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2021-1015

    In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional ex... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-5060

    The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user e... Read more

    Affected Products : par-packer_module
    • Published: Jan. 13, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-51491

    notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature... Read more

    Affected Products : notation-go
    • Published: Jan. 13, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2025-6199

    A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error... Read more

    Affected Products : enterprise_linux gdkpixbuf
    • Published: Jun. 17, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-26419

    In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2025-0011

    Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 06, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-9324

    Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : pdf_reader
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2020-14354

    A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulner... Read more

    Affected Products : fedora c-ares
    • Published: May. 13, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-5928

    In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times.... Read more

    • Published: Aug. 26, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-11869

    An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A maliciou... Read more

    Affected Products : qemu
    • Published: Apr. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-2602

    A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.... Read more

    • Published: Jun. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51792

    Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.... Read more

    Affected Products :
    • Published: Apr. 19, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-29623

    "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS ... Read more

    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-14772

    Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login att... Read more

    Affected Products : skybox_manager_client_application
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2020-5831

    Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been all... Read more

    Affected Products : endpoint_protection_manager
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-42249

    In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. Thi... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 3.3

    LOW
    CVE-2024-44172

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, macOS Sequoia 15. An app may be able to access contacts.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2020-5833

    Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the p... Read more

    Affected Products : endpoint_protection_manager
    • Published: May. 11, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50092

    In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the n... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 13, 2024

  • 3.3

    LOW
    CVE-2024-43845

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updating checksum of '..' directory entry of a moved directory. This ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Jun. 19, 2025
Showing 20 of 292797 Results