Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-39074

    There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.... Read more

    • Published: May. 30, 2023
    • Modified: Jan. 13, 2025

  • 3.3

    LOW
    CVE-2024-36278

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.... Read more

    Affected Products : openharmony openharmony
    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-6692

    The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Agreement Text value in all versions up to, and including, 3.3.2 due to insuff... Read more

    Affected Products : easy_digital_downloads
    • Published: Aug. 12, 2024
    • Modified: Feb. 07, 2025

  • 3.3

    LOW
    CVE-2019-6156

    In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming f... Read more

    • Published: Apr. 10, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20252

    In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Use... Read more

    Affected Products : android
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-9761

    Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2023-29383

    In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible... Read more

    Affected Products : shadow
    • Published: Apr. 14, 2023
    • Modified: Feb. 06, 2025

  • 3.3

    LOW
    CVE-2023-29333

    Microsoft Access Denial of Service Vulnerability... Read more

    • Published: May. 09, 2023
    • Modified: Feb. 28, 2025

  • 3.3

    LOW
    CVE-2022-28764

    The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insuf... Read more

    • Published: Nov. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28303

    Windows Snipping Tool Information Disclosure Vulnerability... Read more

    • Published: Jun. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28369

    Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information... Read more

    Affected Products : iprint\&scan
    • Published: May. 18, 2023
    • Modified: Jan. 22, 2025

  • 3.3

    LOW
    CVE-2023-28197

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 3.3

    LOW
    CVE-2020-3504

    A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI co... Read more

    • Published: Aug. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-29497

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access calendar data saved to a temporary directory.... Read more

    Affected Products : macos
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-25189

    BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care... Read more

    Affected Products :
    • Published: Sep. 25, 2024
    • Modified: Oct. 29, 2024

  • 3.3

    LOW
    CVE-2023-35990

    The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-4114

    The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when anothe... Read more

    Affected Products : par-packer_module
    • Published: Jan. 13, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-28194

    The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025

  • 3.3

    LOW
    CVE-2023-38069

    In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases... Read more

    Affected Products : intellij_idea
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-37395

    IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.... Read more

    Affected Products : aspera_faspex
    • Published: Dec. 11, 2024
    • Modified: Jan. 07, 2025
Showing 20 of 294132 Results