Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-2745

    Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.  This vulnerabil... Read more

    Affected Products : insightvm
    • Published: Apr. 02, 2024
    • Modified: Feb. 25, 2025

  • 3.3

    LOW
    CVE-2012-4046

    The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["P"] value.... Read more

    Affected Products : dcs-932l_firmware dcs-932l
    • Published: Dec. 24, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-36282

    Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data w... Read more

    • Published: Aug. 16, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50092

    In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the n... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 13, 2024

  • 3.3

    LOW
    CVE-2024-48838

    Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, le... Read more

    Affected Products : smartfabric_os10
    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 3.3

    LOW
    CVE-2020-5833

    Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the p... Read more

    Affected Products : endpoint_protection_manager
    • Published: May. 11, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-43708

    VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an "insecure deserialization" issue.... Read more

    Affected Products :
    • Published: Apr. 17, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: XML External Entity

  • 3.3

    LOW
    CVE-2021-22468

    A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage.... Read more

    Affected Products : harmonyos
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-27331

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: Apr. 01, 2024
    • Modified: Jul. 07, 2025

  • 3.3

    LOW
    CVE-2015-4033

    Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000.... Read more

    Affected Products : s-beam
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-29160

    Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former accou... Read more

    Affected Products : nextcloud_server nextcloud notes
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-4527

    ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : pcm600
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-31306

    Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2014-4214

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.... Read more

    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-20516

    Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2024-39286

    Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Feb. 12, 2025
    • Modified: Aug. 27, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2025-26461

    In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional exe... Read more

    Affected Products : android
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2017-2384

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Privat... Read more

    Affected Products : iphone_os
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2025-26419

    In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2016-0394

    IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files.... Read more

    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293412 Results