Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2025-46717

    sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list <pathname>`.... Read more

    Affected Products : sudo
    • Published: May. 12, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-24141

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked.... Read more

    Affected Products : iphone_os ipados
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2025-24100

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access information about a user's contacts.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-21024

    Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-49756

    Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.... Read more

    Affected Products : 365_apps
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2014-4864

    The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file.... Read more

    • Published: Sep. 10, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-0987

    In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no addit... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-6371

    The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading broadcast packets, a different vulne... Read more

    Affected Products : n900_wireless_router
    • Published: Dec. 31, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-34671

    Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : internet
    • Published: Oct. 08, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-6614

    A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launc... Read more

    Affected Products : typecho
    • Published: Dec. 08, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0978

    In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0982

    In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User inte... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-3141

    A vulnerability has been found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. This vulnerability affects unknown code of the file /?Page=Node&OBJ=/System/AdvancedSettings/DeviceSettings/MiscSettings of the component Misc Settings P... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-54125

    Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a... Read more

    Affected Products :
    • Published: Dec. 17, 2024
    • Modified: Dec. 17, 2024

  • 3.3

    LOW
    CVE-2024-31071

    in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.... Read more

    Affected Products : openharmony openharmony
    • Published: Jul. 02, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22308

    There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.... Read more

    Affected Products : emui magic_ui
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-32944

    Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer (.uar file, .zip file) to UTAU, an arbitrary file may be placed.... Read more

    Affected Products :
    • Published: May. 28, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-35311

    Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access Control.... Read more

    Affected Products :
    • Published: May. 29, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-27330

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: Apr. 01, 2024
    • Modified: Jul. 07, 2025

  • 3.3

    LOW
    CVE-2021-22294

    A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.... Read more

    Affected Products : harmonyos
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293352 Results