Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2011-0702

    The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack on a /tmp/feh_ temporary file.... Read more

    Affected Products : feh feh
    • Published: Feb. 14, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-24336

    SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.... Read more

    Affected Products :
    • Published: Jan. 31, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-20834

    The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.... Read more

    Affected Products : android android dex
    • Published: Mar. 05, 2024
    • Modified: Feb. 10, 2025

  • 3.3

    LOW
    CVE-2024-20807

    Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.... Read more

    Affected Products : email
    • Published: Jan. 04, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-5198

    OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.... Read more

    Affected Products : openvpn-gui ovpn-dco-win
    • Published: Jan. 15, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2022-30752

    Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-33698

    Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-23188

    Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 3.3

    LOW
    CVE-2023-28903

    An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system.... Read more

    Affected Products :
    • Published: Jun. 28, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2016-4516

    ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : pcm600
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-25168

    Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module.... Read more

    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-16252

    FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.... Read more

    Affected Products : event_log_explorer
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-3538

    Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.... Read more

    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-3826

    Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.... Read more

    Affected Products : wireshark
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-39978

    ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.... Read more

    Affected Products : fedora imagemagick
    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20446

    In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges ne... Read more

    Affected Products : android
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 3.3

    LOW
    CVE-2010-5105

    The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.... Read more

    Affected Products : blender
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-1444

    A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.... Read more

    Affected Products : txt2man txt2man
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-8842

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arb... Read more

    Affected Products : macos mac_os_x
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-34951

    Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exp... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 07, 2025
Showing 20 of 293668 Results