Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-54516

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2024-50564

    A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.... Read more

    Affected Products : forticlient
    • Published: Jan. 14, 2025
    • Modified: Jun. 11, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2021-34688

    iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static... Read more

    Affected Products : windows remotepc
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-35005

    This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ... Read more

    Affected Products : teamviewer
    • Published: Jan. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-26342

    In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to ... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-32680

    Nextcloud Server is a Nextcloud package that handles data storage. In versions priot to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is s... Read more

    Affected Products : fedora nextcloud_server notes
    • Published: Jul. 12, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-23114

    Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : publish_over_ssh
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0296

    IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.... Read more

    Affected Products : bigfix_platform
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-5525

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.... Read more

    Affected Products : solaris_cluster
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-48727

    NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: May. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5508

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.... Read more

    Affected Products : solaris_cluster
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-5498

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.... Read more

    Affected Products : database_server
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-2949

    IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session.... Read more

    Affected Products : bigfix_remote_control
    • Published: Nov. 30, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-3469

    Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.... Read more

    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-2877

    IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.... Read more

    • Published: Nov. 30, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-5938

    IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system.... Read more

    Affected Products : kenexa_lms kenexa_lms_on_cloud
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-5432

    The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.... Read more

    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-48939

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hun... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 22, 2024

  • 3.3

    LOW
    CVE-2016-5490

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.... Read more

    Affected Products : flexcube_universal_banking
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-0109

    NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which coul... Read more

    Affected Products : cuda_toolkit
    • Published: Aug. 31, 2024
    • Modified: Sep. 18, 2024
Showing 20 of 293542 Results