Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-42830

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 16, 2025

  • 3.3

    LOW
    CVE-2019-15466

    The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, version... Read more

    Affected Products : redmi_6_pro_firmware redmi_6_pro
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15421

    The Blackview BV7000_Pro Android device with a build fingerprint of Blackview/BV7000_Pro/BV7000_Pro:7.0/NRD90M/1493011204:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) tha... Read more

    Affected Products : bv7000_pro_firmware bv7000_pro
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2007-6705

    The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to du... Read more

    Affected Products : websphere_mq
    • Published: Mar. 09, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2023-38116

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2010-2053

    emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file.... Read more

    Affected Products : emesene
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-30356

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2024-23211

    A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Set... Read more

    Affected Products : macos iphone_os watchos safari ipados
    • Published: Jan. 23, 2024
    • Modified: Jun. 20, 2025

  • 3.3

    LOW
    CVE-2024-30329

    Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulne... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 03, 2024
    • Modified: Aug. 11, 2025

  • 3.3

    LOW
    CVE-2023-42095

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15415

    The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) th... Read more

    Affected Products : redmi_5_firmware redmi_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51555

    Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerab... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2023-40137

    In multiple functions of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ... Read more

    Affected Products : android
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1833

    Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-40134

    In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-0027

    The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : flite
    • Published: Jan. 26, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-40135

    In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex... Read more

    Affected Products : android
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-6463

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.... Read more

    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-5869

    The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.... Read more

    Affected Products : mac_os_x iphone_os watchos
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-41310

    Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293414 Results