Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-48852

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-40707

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-1513

    A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Mar. 23, 2023
    • Modified: Feb. 25, 2025

  • 3.3

    LOW
    CVE-2022-42931

    Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox ... Read more

    Affected Products : firefox
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 3.3

    LOW
    CVE-2022-42758

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 3.3

    LOW
    CVE-2022-3647

    ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexi... Read more

    Affected Products : redis
    • Published: Oct. 21, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42839

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Apr. 17, 2025

  • 3.3

    LOW
    CVE-2022-39849

    Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.... Read more

    Affected Products : android dex
    • Published: Oct. 07, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42834

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compressi... Read more

    Affected Products : macos
    • Published: Jun. 23, 2023
    • Modified: Dec. 10, 2024

  • 3.3

    LOW
    CVE-2022-42903

    Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.... Read more

    Affected Products : manageengine_supportcenter_plus
    • Published: Nov. 17, 2022
    • Modified: Apr. 30, 2025

  • 3.3

    LOW
    CVE-2022-48937

    In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule point in io_add_buffers() Looping ~65535 times doing kmalloc() calls can trigger soft lockups, especially with DEBUG features (like KASAN). [ 253.536212] watc... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 22, 2024

  • 3.3

    LOW
    CVE-2022-39893

    Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.... Read more

    Affected Products : galaxy_buds_pro_manage
    • Published: Nov. 09, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-29623

    "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS ... Read more

    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5499

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.... Read more

    Affected Products : database_server
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2020-5831

    Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been all... Read more

    Affected Products : endpoint_protection_manager
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-21610

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execute... Read more

    Affected Products : solaris solaris
    • Published: Oct. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-5928

    In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times.... Read more

    • Published: Aug. 26, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-42249

    In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. Thi... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 3.3

    LOW
    CVE-2021-25317

    A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to... Read more

    • Published: May. 05, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25403

    Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.... Read more

    Affected Products : android account
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294528 Results