Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2015-5313

    Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:wr... Read more

    Affected Products : libvirt
    • EPSS Score: %0.06
    • Published: Apr. 11, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2025-8534

    A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch th... Read more

    Affected Products : libtiff
    • Published: Aug. 05, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2024-20922

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exp... Read more

    • EPSS Score: %0.07
    • Published: Jan. 16, 2024
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-42184

    BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using the file:// URI scheme.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.5

    LOW
    CVE-2025-5647

    A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. T... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2021-25335

    Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.... Read more

    Affected Products : android dex one_ui
    • EPSS Score: %0.05
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-9203

    A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack h... Read more

    Affected Products :
    • Published: Sep. 26, 2024
    • Modified: Sep. 30, 2024

  • 2.5

    LOW
    CVE-2020-8912

    A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them ... Read more

    Affected Products : aws_s3_crypto_sdk
    • EPSS Score: %0.14
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-42182

    BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Server-Side Request Forgery

  • 2.5

    LOW
    CVE-2024-42183

    BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Path Traversal

  • 2.5

    LOW
    CVE-2025-5642

    A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached lo... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2019-11191

    The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.00
    • Published: Apr. 12, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2023-52746

    In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() int type = nla_type(nla); if (type > XFRMA_MAX) { return -EOPNOTSUPP; } @type is then used as... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 02, 2025

  • 2.5

    LOW
    CVE-2023-52620

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.... Read more

    Affected Products : linux_kernel
    • Published: Mar. 21, 2024
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2017-18869

    A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.... Read more

    Affected Products : chownr
    • EPSS Score: %0.12
    • Published: Jun. 15, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2016-3321

    Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %29.81
    • Published: Aug. 09, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2016-0259

    runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.04
    • Published: Jun. 26, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2024-21336

    Microsoft Edge (Chromium-based) Spoofing Vulnerability... Read more

    Affected Products : edge_chromium
    • EPSS Score: %0.33
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-21004

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 2.5

    LOW
    CVE-2024-13978

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereferen... Read more

    Affected Products : libtiff
    • Published: Aug. 01, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291775 Results