Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2021-27456

    Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control.... Read more

    • EPSS Score: %0.08
    • Published: Mar. 23, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-25409

    Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-13087

    A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the... Read more

    Affected Products :
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Injection

  • 2.4

    LOW
    CVE-2023-39842

    Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • EPSS Score: %0.01
    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-46383

    Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.... Read more

    Affected Products :
    • Published: Nov. 15, 2024
    • Modified: Nov. 18, 2024

  • 2.4

    LOW
    CVE-2021-21740

    There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information th... Read more

    Affected Products : zxhn_h2640_firmware zxhn_h2640
    • EPSS Score: %0.05
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2014-0404

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different... Read more

    Affected Products : vm_virtualbox
    • EPSS Score: %0.06
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2021-30816

    The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.05
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-42874

    This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard.... Read more

    Affected Products : macos
    • EPSS Score: %0.07
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-26703

    An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.07
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-30918

    A Lock Screen issue was addressed with improved state management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.0.1 and iPadOS 15.0.1. A user may be able to view restricted content from the Lock Screen.... Read more

    Affected Products : macos iphone_os ipad_os ipados
    • EPSS Score: %0.07
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-22599

    Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain s... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.11
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-30956

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact in... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.06
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-1421

    Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker c... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 21, 2025

  • 2.4

    LOW
    CVE-2024-3629

    The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack... Read more

    Affected Products : hl_twitter
    • Published: May. 15, 2024
    • Modified: May. 15, 2025

  • 2.4

    LOW
    CVE-2019-19561

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • EPSS Score: %0.06
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-1862

    Description: A person with physical access may be able to access contacts. This issue is fixed in iOS 14.5 and iPadOS 14.5. Impact: An issue with Siri search access to information was addressed with improved logic.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.06
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-23240

    The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: Mar. 08, 2024
    • Modified: Dec. 06, 2024

  • 2.4

    LOW
    CVE-2024-20855

    Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while.... Read more

    Affected Products : android android dex
    • Published: May. 07, 2024
    • Modified: Feb. 07, 2025

  • 2.4

    LOW
    CVE-2024-12801

    Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12  on the Java platform, allows an attacker to forge requests by compromising logback configuration files in XML. The attacks involves the... Read more

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Jan. 03, 2025
Showing 20 of 291741 Results