Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2024-23257

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 16.7.6 and iPadOS 16.7.6. Processing an image may result in disclosure of process memory.... Read more

    Affected Products : macos iphone_os ipad_os ipados visionos
    • Published: Mar. 08, 2024
    • Modified: Mar. 27, 2025

  • 3.3

    LOW
    CVE-2013-4866

    The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat) or user discomfort.... Read more

    Affected Products : my_satis_genius_toilet
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-5160

    Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL poi... Read more

    Affected Products : iphone_os
    • Published: Sep. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2142

    userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or... Read more

    Affected Products : libimobiledevice
    • Published: Jan. 19, 2014
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-3954

    Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.... Read more

    Affected Products : ubuntu_linux debian_linux dhcp
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-5398

    Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allo... Read more

    Affected Products : rational_focal_point
    • Published: Dec. 18, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-17056

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-8449

    A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-13801

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2013-4116

    lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.... Read more

    Affected Products : npm node_packaged_modules
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2023-0196

    NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. ... Read more

    Affected Products : windows cuda_toolkit linux_kernel
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-24448

    An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but th... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-5636

    Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism b... Read more

    Affected Products : endpoint_security
    • Published: Nov. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-5219

    Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.... Read more

    • Published: Dec. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2012-5512

    Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.... Read more

    Affected Products : xenserver
    • Published: Dec. 13, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2020-2748

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker wi... Read more

    Affected Products : leap vm_virtualbox
    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2015-0427

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability th... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2022-26354

    A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.... Read more

    Affected Products : debian_linux qemu
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2021-20203

    An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash th... Read more

    Affected Products : fedora debian_linux qemu
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2013-1923

    rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.... Read more

    Affected Products : nfs-utils
    • Published: Jan. 21, 2014
    • Modified: Apr. 11, 2025
Showing 20 of 293344 Results