Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2012-4291

    The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.... Read more

    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-3764

    ** DISPUTED ** A vulnerability classified as problematic has been found in Tuya SDK up to 5.0.x. Affected is an unknown function of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to launch the attack remotel... Read more

    Affected Products :
    • Published: Apr. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-3766

    A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argu... Read more

    Affected Products :
    • Published: Apr. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-20263

    A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the gu... Read more

    Affected Products : qemu
    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-1034

    In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional execu... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-1753

    Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."... Read more

    Affected Products : coccinelle
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2021-1018

    In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional executi... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5499

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.... Read more

    Affected Products : database_server
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-2978

    IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938.... Read more

    Affected Products : sametime
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-1032

    In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional exec... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-9753

    Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2025-0249

    HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token was not invalidated which may allow attackers to access sensitive data without authorization.... Read more

    Affected Products :
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2024-9754

    Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2007-0523

    The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.... Read more

    Affected Products : n70
    • Published: Jan. 26, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2022-40707

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-56810

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-9762

    Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interact... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2022-40708

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: May. 20, 2025

  • 3.3

    LOW
    CVE-2024-9759

    Tungsten Automation Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2024-55503

    An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component.... Read more

    Affected Products : macos termius
    • Published: Jan. 15, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293510 Results