Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2016-0380

    IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.... Read more

    Affected Products : sterling_connect\
    • Published: Aug. 08, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-3125

    A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. The attac... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-3711

    HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.... Read more

    Affected Products : openshift openshift_origin
    • Published: Jun. 08, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-0109

    NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which coul... Read more

    Affected Products : cuda_toolkit
    • Published: Aug. 31, 2024
    • Modified: Sep. 18, 2024

  • 3.3

    LOW
    CVE-2022-23114

    Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : publish_over_ssh
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-3469

    Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.... Read more

    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-0275

    IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (... Read more

    Affected Products : financial_transaction_manager
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0406

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc.... Read more

    Affected Products : solaris
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-1736

    A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be chang... Read more

    • Published: Mar. 16, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0296

    IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.... Read more

    Affected Products : bigfix_platform
    • Published: Feb. 01, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-21383

    Microsoft Edge (Chromium-based) Spoofing Vulnerability... Read more

    Affected Products : edge_chromium
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-46792

    In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-7214

    The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass t... Read more

    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2012-1593

    epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.... Read more

    Affected Products : wireshark
    • Published: Apr. 11, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-22304

    There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected m... Read more

    Affected Products : taurus-al00a_firmware taurus-al00a
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-7620

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-46794

    In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 20, 2024

  • 3.3

    LOW
    CVE-2012-0300

    Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors.... Read more

    Affected Products : message_filter
    • Published: Jul. 05, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-1478

    IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613.... Read more

    • Published: Jan. 11, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-3239

    Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.... Read more

    Affected Products : libunwind
    • Published: Aug. 26, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293414 Results