Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-35903

    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exp... Read more

    Affected Products : microstation view
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-37394

    An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvta... Read more

    Affected Products : nova
    • Published: Aug. 03, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-2708

    Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege wi... Read more

    Affected Products : berkeley_db
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-30908

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen.... Read more

    Affected Products : macos
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-2763

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solari... Read more

    Affected Products : solaris solaris
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25403

    Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.... Read more

    Affected Products : android account
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50057

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fi... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 3.3

    LOW
    CVE-2024-50211

    In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now dete... Read more

    Affected Products : linux_kernel
    • Published: Nov. 08, 2024
    • Modified: Nov. 18, 2024

  • 3.3

    LOW
    CVE-2020-18442

    Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".... Read more

    Affected Products : fedora debian_linux zziplib zziplib
    • Published: Jun. 18, 2021
    • Modified: Jul. 10, 2025

  • 3.3

    LOW
    CVE-2021-25317

    A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to... Read more

    • Published: May. 05, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25439

    Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.... Read more

    Affected Products : android members
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15919

    An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.... Read more

    Affected Products : linux_kernel leap
    • Published: Sep. 04, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-13762

    Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.... Read more

    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-19909

    Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated s... Read more

    Affected Products : curl
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25316

    A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versi... Read more

    Affected Products : linux_enterprise_server s390-tools
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25402

    Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.... Read more

    Affected Products : notes
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-1154

    Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.... Read more

    Affected Products : ios_xr
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2021-25398

    Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.... Read more

    Affected Products : bixby_voice
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50044

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl alway... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 3.3

    LOW
    CVE-2021-25404

    Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.... Read more

    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293651 Results