Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-9762

    Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interact... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2025-21024

    Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2017-3239

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : glassfish_server
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-46792

    In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3498

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where So... Read more

    Affected Products : solaris solaris
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-17864

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-3474

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Sola... Read more

    Affected Products : solaris solaris
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-46794

    In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 20, 2024

  • 3.3

    LOW
    CVE-2020-11867

    Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.... Read more

    Affected Products : fedora audacity
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-7138

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-4217

    A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.... Read more

    Affected Products : enterprise_linux fedora unzip
    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-20239

    A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-3240

    Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure wher... Read more

    Affected Products : database database_server
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2011-1749

    The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file v... Read more

    Affected Products : nfs-utils
    • Published: Feb. 26, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-47576

    SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL that is available with Windows OS. This DLL is loaded from the computer running SAP Product Lifecycle Costing Client application. That particular DLL could be re... Read more

    Affected Products :
    • Published: Dec. 10, 2024
    • Modified: Dec. 10, 2024

  • 3.3

    LOW
    CVE-2024-40830

    This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 3.3

    LOW
    CVE-2017-0188

    A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component improperly provides kernel information. An attacker who success... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-40838

    A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 24, 2025

  • 3.3

    LOW
    CVE-2016-9348

    An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more

    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-40832

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to view a contact's phone number in system logs.... Read more

    Affected Products : macos
    • Published: Jul. 29, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293671 Results