Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2013-2483

    The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid cou... Read more

    Affected Products : debian_linux wireshark opensuse
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-1176

    IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. IBM X-Force ID: 123299.... Read more

    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-1088

    In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the k... Read more

    Affected Products : freebsd
    • Published: Nov. 16, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2015-3778

    bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.... Read more

    Affected Products : mac_os_x iphone_os
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2011-1749

    The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file v... Read more

    Affected Products : nfs-utils
    • Published: Feb. 26, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-1478

    IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613.... Read more

    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22304

    There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected m... Read more

    Affected Products : taurus-al00a_firmware taurus-al00a
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0205

    A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.... Read more

    Affected Products : cloud_orchestrator
    • Published: Aug. 30, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2577

    Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: File Locking Services). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infra... Read more

    Affected Products : solaris solaris
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-9543

    An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setu... Read more

    Affected Products : nova
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-8801

    Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.... Read more

    Affected Products : endpoint_protection_manager
    • Published: Jun. 30, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-8946

    ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified ve... Read more

    Affected Products : ubuntu_linux ecryptfs-utils
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-9351

    In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to local limited information disclosure with no additional execution privilege... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9277

    In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. P... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8934

    hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.... Read more

    Affected Products : leap qemu
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9292

    In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for expl... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8857

    The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.... Read more

    Affected Products : iphone_os ipados
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-3815

    A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A loca... Read more

    • Published: Jan. 28, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-30135

    HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken.... Read more

    Affected Products :
    • Published: Jun. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-9780

    The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher.... Read more

    Affected Products : iphone_os ipados
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293625 Results