Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2017-17329

    Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system se... Read more

    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-14412

    Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).... Read more

    Affected Products : cpanel
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-22426

    IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and... Read more

    • Published: Jun. 10, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-14402

    cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).... Read more

    Affected Products : cpanel
    • Published: Jul. 30, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18422

    In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0435

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality and integrity via vectors related to Mobile POS.... Read more

    Affected Products : retail_applications
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-9364

    In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to local information disclosure by playing the background user's audio with no additional execution privileges needed. User interaction is n... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-31815

    GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity ... Read more

    • Published: Apr. 28, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-7993

    Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.... Read more

    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-48435

    In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file... Read more

    Affected Products : phpstorm
    • Published: Apr. 04, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-21074

    An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).... Read more

    Affected Products : android
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-2567

    secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by th... Read more

    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2023-5920

    Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input. ... Read more

    Affected Products : macos mattermost_desktop
    • Published: Nov. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-24069

    Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a se... Read more

    • Published: Jan. 23, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-53176

    Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2021-0994

    In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional ex... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-20977

    Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : notes
    • Published: May. 07, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2002-2301

    Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.... Read more

    Affected Products : lawson_financials
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2015-0238

    selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack.... Read more

    Affected Products : openshift openshift
    • Published: Sep. 26, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-5506

    Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.... Read more

    Affected Products : identity_manager
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293510 Results