Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-39849

    Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.... Read more

    Affected Products : android dex
    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-48852

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-3647

    ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexi... Read more

    Affected Products : redis
    • Published: Oct. 21, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-48937

    In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule point in io_add_buffers() Looping ~65535 times doing kmalloc() calls can trigger soft lockups, especially with DEBUG features (like KASAN). [ 253.536212] watc... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 22, 2024

  • 3.3

    LOW
    CVE-2023-37939

    An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 t... Read more

    Affected Products : forticlient
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2006-1247

    rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2024-7542

    oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on... Read more

    Affected Products : ofono
    • Published: Aug. 06, 2024
    • Modified: Aug. 29, 2024

  • 3.3

    LOW
    CVE-2024-7541

    oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on ... Read more

    Affected Products : ofono
    • Published: Aug. 06, 2024
    • Modified: Aug. 29, 2024

  • 3.3

    LOW
    CVE-2024-53871

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2023-38612

    The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 3.3

    LOW
    CVE-2023-38069

    In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases... Read more

    Affected Products : intellij_idea
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-38605

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-27056

    In SELinux policies of mls, there is a missing permission check. This could lead to local information disclosure of package metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: ... Read more

    Affected Products : android
    • Published: Dec. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-25168

    Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module.... Read more

    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-5198

    OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.... Read more

    Affected Products : openvpn-gui ovpn-dco-win
    • Published: Jan. 15, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-8518

    CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user.... Read more

    Affected Products : zelio_soft_2
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 3.3

    LOW
    CVE-2025-46329

    libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encry... Read more

    Affected Products : connector_for_c\/c\+\+
    • Published: Apr. 29, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-32268

    An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component.... Read more

    Affected Products :
    • Published: Apr. 29, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2024-28811

    An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.... Read more

    Affected Products : hit_7300_firmware hit_7300
    • Published: Sep. 30, 2024
    • Modified: May. 30, 2025

  • 3.3

    LOW
    CVE-2025-6648

    PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 294121 Results