Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2024-9203

    A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack h... Read more

    Affected Products :
    • Published: Sep. 26, 2024
    • Modified: Sep. 30, 2024

  • 2.5

    LOW
    CVE-2015-7436

    IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves us... Read more

    Affected Products : tivoli_common_reporting
    • EPSS Score: %0.04
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2021-33604

    URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening craf... Read more

    Affected Products : vaadin flow-server
    • EPSS Score: %0.05
    • Published: Jun. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-42185

    BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML content, which can lead to various issues including denial ... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Injection

  • 2.5

    LOW
    CVE-2017-1211

    IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled. IBM X-Force ID: 123851.... Read more

    Affected Products : daeja_viewone
    • EPSS Score: %0.04
    • Published: Oct. 24, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2017-1346

    IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 126461.... Read more

    Affected Products : business_process_manager
    • EPSS Score: %0.04
    • Published: Sep. 25, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2023-2197

    HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be ... Read more

    Affected Products : vault
    • EPSS Score: %0.02
    • Published: May. 01, 2023
    • Modified: Jan. 30, 2025

  • 2.5

    LOW
    CVE-2025-9383

    A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. T... Read more

    Affected Products :
    • Published: Aug. 24, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Cryptography

  • 2.5

    LOW
    CVE-2024-58251

    In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.... Read more

    Affected Products : busybox
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Denial of Service

  • 2.5

    LOW
    CVE-2025-32408

    In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled.... Read more

    Affected Products : iam
    • Published: Apr. 21, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 2.5

    LOW
    CVE-2015-7473

    runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.05
    • Published: Jun. 26, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2016-2894

    IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging prev... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.06
    • Published: Jul. 03, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2024-43785

    gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form AN... Read more

    Affected Products :
    • Published: Aug. 22, 2024
    • Modified: Aug. 23, 2024

  • 2.5

    LOW
    CVE-2023-20581

    Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity.... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Authorization

  • 2.4

    LOW
    CVE-2024-40822

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. An attacker with physical access to a device may be able to access ... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 27, 2025

  • 2.4

    LOW
    CVE-2025-6748

    A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 2.4

    LOW
    CVE-2025-40570

    A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V10.0), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Denial of Service

  • 2.4

    LOW
    CVE-2024-45687

    Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Platform Payara Server (Grizzly, REST Management Interface modules), Payara Platform Payara Micro (Grizzly modules) allows Manipulating S... Read more

    Affected Products :
    • Published: Jan. 21, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Misconfiguration

  • 2.4

    LOW
    CVE-2025-52687

    Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service (DoS).... Read more

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 2.4

    LOW
    CVE-2020-8352

    In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes.... Read more

    • EPSS Score: %0.06
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291647 Results