Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-23292

    This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to access information about a user's contacts.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Mar. 08, 2024
    • Modified: Mar. 27, 2025

  • 3.3

    LOW
    CVE-2012-3825

    Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than C... Read more

    Affected Products : wireshark
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-2148

    An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies... Read more

    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-6607

    The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.... Read more

    Affected Products : augeas
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-23256

    A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: Mar. 05, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2024-36137

    A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod... Read more

    Affected Products : node.js
    • Published: Sep. 07, 2024
    • Modified: Nov. 22, 2024

  • 3.3

    LOW
    CVE-2024-23743

    Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based applicati... Read more

    Affected Products : macos notion
    • Published: Jan. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-4866

    The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat) or user discomfort.... Read more

    Affected Products : my_satis_genius_toilet
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-0196

    NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. ... Read more

    Affected Products : windows cuda_toolkit linux_kernel
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-4209

    Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.... Read more

    Affected Products : automatic_bug_reporting_tool
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3349

    GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue... Read more

    Affected Products : evolution
    • Published: Feb. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-3954

    Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.... Read more

    Affected Products : ubuntu_linux debian_linux dhcp
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-17056

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-4116

    lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.... Read more

    Affected Products : npm node_packaged_modules
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-24448

    An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but th... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9292

    In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for expl... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2003-1426

    Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory cont... Read more

    Affected Products : cpanel
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2019-6331

    An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information.... Read more

    Affected Products : samsung_mobile_print
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-44191

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-2484

    The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : debian_linux wireshark opensuse
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 294522 Results