Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2019-8777

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A local attacke... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.04
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-25513

    An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-4352

    IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494.... Read more

    Affected Products : maximo_anywhere
    • EPSS Score: %0.05
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-3430

    A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an un... Read more

    Affected Products :
    • Published: Apr. 07, 2024
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-33720

    Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.... Read more

    Affected Products : android dex
    • EPSS Score: %0.03
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-47274

    ToolHive is a utility designed to simplify the deployment and management of Model Context Protocol (MCP) servers. Due to the ordering of code used to start an MCP server container, versions of ToolHive prior to 0.0.33 inadvertently store secrets in the ru... Read more

    Affected Products :
    • Published: May. 12, 2025
    • Modified: May. 12, 2025

  • 2.4

    LOW
    CVE-2016-11027

    An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 07, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2018-17177

    An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character passwo... Read more

    • EPSS Score: %0.02
    • Published: Sep. 18, 2018
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-48506

    A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymizat... Read more

    Affected Products : democracy_suite
    • EPSS Score: %0.06
    • Published: Jun. 19, 2023
    • Modified: Jan. 02, 2025

  • 2.4

    LOW
    CVE-2021-1755

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access to an iOS device may be able to access contacts from the... Read more

    Affected Products : macos
    • EPSS Score: %0.13
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2010-3513

    Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.... Read more

    Affected Products : solaris opensolaris
    • EPSS Score: %0.10
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2018-7924

    Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnera... Read more

    Affected Products : anne-al00_firmware anne-al00
    • EPSS Score: %0.02
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-21438

    Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.... Read more

    Affected Products : android android dex
    • EPSS Score: %0.08
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-24885

    Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for t... Read more

    Affected Products : nextcloud_server nextcloud notes
    • EPSS Score: %0.07
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-0230

    A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.... Read more

    • EPSS Score: %5.16
    • Published: Jan. 12, 2024
    • Modified: Jun. 03, 2025

  • 2.4

    LOW
    CVE-2021-25348

    Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.... Read more

    Affected Products : internet
    • EPSS Score: %0.06
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-33700

    Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2020-0382

    In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitat... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-33699

    Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-3864

    Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue ... Read more

    Affected Products :
    • Published: May. 28, 2025
    • Modified: May. 28, 2025
Showing 20 of 291058 Results