Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-40778

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. Photos in the Hidden Photos Album may be viewed without authentication.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 17, 2025

  • 3.3

    LOW
    CVE-2019-15393

    The Asus ZenFone Live Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_3:7.1.1/NMF26F/14.0400.1806.203-20180720:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app (versionCode=1, versionName=... Read more

    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15415

    The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) th... Read more

    Affected Products : redmi_5_firmware redmi_5
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15332

    The Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z61_2GB:8.1.0/O11019/1533889281:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows an... Read more

    Affected Products : z61_firmware z61
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15387

    The Archos Core 101 Android device with a build fingerprint of archos/MTKAC101CR3G_ARCHOS/ac101cr3g:7.0/NRD90M/20180611.034442:user/release-keys contains a pre-installed app with a package name of com.roco.autogen app (versionCode=1, versionName=1) that a... Read more

    Affected Products : core_101_firmware core_101
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-21337

    Windows NTFS Elevation of Privilege Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2024-30356

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2019-15339

    The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app... Read more

    Affected Products : z60s_firmware z60s
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-30329

    Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulne... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 03, 2024
    • Modified: Aug. 11, 2025

  • 3.3

    LOW
    CVE-2023-38116

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2010-4648

    The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-0358

    Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as ... Read more

    Affected Products : firefox
    • Published: Feb. 04, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2011-0012

    The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.... Read more

    Affected Products : firefox spice-xpi
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-3614

    liboping 1.3.2 allows users reading arbitrary files upon the local system.... Read more

    Affected Products : debian_linux liboping
    • Published: Nov. 09, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-4193

    Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file.... Read more

    Affected Products : merkaartor
    • Published: Dec. 03, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2023-34442

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <... Read more

    Affected Products : camel
    • Published: Jul. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-38069

    In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases... Read more

    Affected Products : intellij_idea
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-37395

    IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.... Read more

    Affected Products : aspera_faspex
    • Published: Dec. 11, 2024
    • Modified: Jan. 07, 2025

  • 3.3

    LOW
    CVE-2023-37939

    An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 t... Read more

    Affected Products : forticlient
    • Published: Oct. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-5449

    A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated.... Read more

    • Published: Oct. 13, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293414 Results