Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2022-32879

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 2.4

    LOW
    CVE-2023-39843

    Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • EPSS Score: %0.01
    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-31224

    Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior... Read more

    • EPSS Score: %0.11
    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-34682

    Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 13, 2024

  • 2.4

    LOW
    CVE-2021-25513

    An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2014-0406

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different... Read more

    Affected Products : vm_virtualbox
    • EPSS Score: %0.06
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2010-2397

    Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.... Read more

    • EPSS Score: %0.05
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2020-12039

    Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus includi... Read more

    • EPSS Score: %0.06
    • Published: Jun. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-19563

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • EPSS Score: %0.06
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-8777

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A local attacke... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.04
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-19557

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • EPSS Score: %0.06
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-4071

    In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD is set. Currently the string comparison between configured cre... Read more

    Affected Products : django-basic-auth-ip-whitelist
    • EPSS Score: %0.11
    • Published: Jun. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-42496

    Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device t... Read more

    Affected Products :
    • Published: Sep. 30, 2024
    • Modified: Sep. 30, 2024

  • 2.4

    LOW
    CVE-2025-27432

    The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthor... Read more

    Affected Products :
    • Published: Mar. 11, 2025
    • Modified: Mar. 11, 2025
    • Vuln Type: Authorization

  • 2.4

    LOW
    CVE-2019-8732

    The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2006-6476

    FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a den... Read more

    Affected Products : first_response
    • EPSS Score: %0.07
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 2.4

    LOW
    CVE-2024-3823

    The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack... Read more

    Affected Products : base64_encoderdecoder
    • Published: May. 15, 2024
    • Modified: May. 15, 2025

  • 2.4

    LOW
    CVE-2024-32325

    TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.... Read more

    Affected Products : ex200_firmware ex200
    • Published: Apr. 18, 2024
    • Modified: May. 13, 2025

  • 2.4

    LOW
    CVE-2022-20245

    In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploita... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2017-8087

    Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors.... Read more

    Affected Products : fritz\!os fritz\!box_7490
    • EPSS Score: %0.15
    • Published: Oct. 22, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291573 Results