Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-56494

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-0759

    IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Race Condition

  • 3.3

    LOW
    CVE-2023-5551

    Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.... Read more

    • Published: Nov. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-46781

    An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0... Read more

    • Published: Apr. 06, 2023
    • Modified: Feb. 12, 2025

  • 3.3

    LOW
    CVE-2023-28194

    The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025

  • 3.3

    LOW
    CVE-2024-0125

    NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a ... Read more

    Affected Products : cuda_toolkit
    • Published: Oct. 03, 2024
    • Modified: Oct. 04, 2024

  • 3.3

    LOW
    CVE-2019-8842

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arb... Read more

    Affected Products : macos mac_os_x
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-23242

    A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data.... Read more

    Affected Products : macos iphone_os ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 06, 2024

  • 3.3

    LOW
    CVE-2023-25511

    NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service.... Read more

    Affected Products : linux_kernel windows cuda_toolkit
    • Published: Apr. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-4114

    The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when anothe... Read more

    Affected Products : par-packer_module
    • Published: Jan. 13, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-47112

    7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.... Read more

    Affected Products : 7-zip
    • Published: Apr. 19, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2010-0118

    Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.... Read more

    Affected Products : bournal
    • Published: Feb. 25, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-3423

    lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.... Read more

    Affected Products : emacs mageia
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2010-2291

    Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party ... Read more

    Affected Products : voip_phone_firmware
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-24121

    A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2010-3282

    389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, w... Read more

    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-2792

    Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communication between this plug-in and the client (aka qspice-cli... Read more

    Affected Products : firefox spice-xpi
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-1716

    IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.... Read more

    Affected Products : tivoli_workload_scheduler
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-20810

    Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.... Read more

    Affected Products : android android dex
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-5693

    The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.... Read more

    Affected Products : magicspam
    • Published: Jan. 14, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293640 Results