Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2024-42183

    BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Path Traversal

  • 2.5

    LOW
    CVE-2025-5643

    A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption.... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2021-2149

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Orac... Read more

    • EPSS Score: %0.12
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2017-11850

    Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially cr... Read more

    • EPSS Score: %1.29
    • Published: Nov. 15, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2020-13659

    address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.... Read more

    Affected Products : ubuntu_linux debian_linux leap qemu
    • EPSS Score: %0.03
    • Published: Jun. 02, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2019-8757

    A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to sha... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.10
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-13978

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereferen... Read more

    Affected Products : libtiff
    • Published: Aug. 01, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2024-21004

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 2.5

    LOW
    CVE-2018-20942

    cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2021-25335

    Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.... Read more

    Affected Products : android dex one_ui
    • EPSS Score: %0.05
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-48825

    RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who can conduct a man-in-the-middle attack to eavesdrop upgrade requests and execute a malicious DLL with custom code.... Read more

    Affected Products :
    • Published: Jun. 13, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Misconfiguration

  • 2.5

    LOW
    CVE-2015-5313

    Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:wr... Read more

    Affected Products : libvirt
    • EPSS Score: %0.06
    • Published: Apr. 11, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2021-43566

    All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the... Read more

    Affected Products : samba
    • EPSS Score: %0.22
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-34063

    vodozemac is an implementation of Olm and Megolm in pure Rust. Versions 0.5.0 and 0.5.1 of vodozemac have degraded secret zeroization capabilities, due to changes in third-party cryptographic dependencies (the Dalek crates), which moved secret zeroization... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-11035

    Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which s a type of issue whereby sensitive information may b exposed due to a vulnerability in software.... Read more

    Affected Products :
    • Published: Mar. 05, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Information Disclosure

  • 2.5

    LOW
    CVE-2024-43785

    gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form AN... Read more

    Affected Products :
    • Published: Aug. 22, 2024
    • Modified: Aug. 23, 2024

  • 2.5

    LOW
    CVE-2015-7435

    IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local... Read more

    Affected Products : tivoli_common_reporting
    • EPSS Score: %0.05
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2017-18412

    cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.07
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2016-5992

    IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : sterling_connect\
    • EPSS Score: %0.05
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2018-6259

    NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.... Read more

    Affected Products : geforce_experience
    • EPSS Score: %0.05
    • Published: Aug. 31, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291526 Results