Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2018-21074

    An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).... Read more

    Affected Products : android
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-26925

    NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service.... Read more

    Affected Products : gs808e_firmware gs808e
    • Published: Oct. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2021-20203

    An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash th... Read more

    Affected Products : fedora debian_linux qemu
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-13353

    When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above.... Read more

    Affected Products : gitaly
    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-13362

    In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.... Read more

    Affected Products : ubuntu_linux debian_linux leap qemu
    • Published: May. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2015-0427

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability th... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2025-48931

    The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.... Read more

    Affected Products : telemessage
    • Published: May. 28, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cryptography

  • 3.2

    LOW
    CVE-2020-25741

    fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.... Read more

    Affected Products : qemu
    • Published: Oct. 02, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25723

    A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus US... Read more

    Affected Products : debian_linux qemu
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-14394

    An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of servi... Read more

    • Published: Aug. 17, 2022
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2014-6590

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2014-6589

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2014-6595

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2012-1993

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.... Read more

    Affected Products : system_management_homepage
    • Published: Apr. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2012-1995

    Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors.... Read more

    Affected Products : systems_insight_manager
    • Published: Mar. 11, 2013
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2008-4004

    Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : peoplesoft_enterprise enterpriseone
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 3.2

    LOW
    CVE-2020-25743

    hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.... Read more

    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2024-21977

    Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.... Read more

    Affected Products :
    • Published: Sep. 05, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2013-0343

    The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and a... Read more

    Affected Products : linux_kernel
    • Published: Feb. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2025-46415

    A race condition in the Nix, Lix, and Guix package managers allows the removal of content from arbitrary folders. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b.... Read more

    Affected Products : nix
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Race Condition
Showing 20 of 293329 Results