Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-30752

    Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-4591

    IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.... Read more

    • Published: Aug. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-29383

    In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible... Read more

    Affected Products : shadow
    • Published: Apr. 14, 2023
    • Modified: Feb. 06, 2025

  • 3.3

    LOW
    CVE-2019-2874

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28195

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28902

    An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III ca... Read more

    Affected Products :
    • Published: Jun. 28, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2023-25510

    NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service.... Read more

    Affected Products : linux_kernel windows cuda_toolkit
    • Published: Apr. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-25523

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to... Read more

    Affected Products : linux_kernel windows cuda_toolkit
    • Published: Jul. 04, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40520

    The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory.... Read more

    Affected Products : iphone_os tvos watchos ipados
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-28369

    Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. This vulnerability may be exploited by the other app installed on the victim user's Android device, which may lead to displaying the settings and/or log information... Read more

    Affected Products : iprint\&scan
    • Published: May. 18, 2023
    • Modified: Jan. 22, 2025

  • 3.3

    LOW
    CVE-2023-28197

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Jan. 10, 2024
    • Modified: Jun. 17, 2025

  • 3.3

    LOW
    CVE-2023-28303

    Windows Snipping Tool Information Disclosure Vulnerability... Read more

    • Published: Jun. 13, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1833

    Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2018-6382

    MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended ... Read more

    Affected Products : mantisbt
    • Published: Jan. 30, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2006-1247

    rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2017-8933

    Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (menu unavailability).... Read more

    Affected Products : libmenu-cache
    • Published: May. 15, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2012-1906

    Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite a... Read more

    • Published: May. 29, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-37939

    An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 t... Read more

    Affected Products : forticlient
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-0966

    A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-37395

    IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.... Read more

    Affected Products : aspera_faspex
    • Published: Dec. 11, 2024
    • Modified: Jan. 07, 2025
Showing 20 of 293329 Results