Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.2

    LOW
    CVE-2021-27260

    This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to explo... Read more

    Affected Products : parallels_desktop
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25742

    pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.... Read more

    Affected Products : qemu
    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25743

    hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.... Read more

    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25084

    QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.... Read more

    Affected Products : debian_linux qemu
    • Published: Sep. 25, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2012-5512

    Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.... Read more

    Affected Products : xenserver
    • Published: Dec. 13, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2013-5883

    Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2009-3413

    Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-... Read more

    Affected Products : database_server
    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 3.2

    LOW
    CVE-2012-1995

    Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors.... Read more

    Affected Products : systems_insight_manager
    • Published: Mar. 11, 2013
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2012-1993

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.... Read more

    Affected Products : system_management_homepage
    • Published: Apr. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2023-29184

    An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests.... Read more

    Affected Products : fortios fortiproxy
    • Published: Jun. 10, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2007-0282

    Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02.... Read more

    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 3.2

    LOW
    CVE-2010-2382

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : solaris
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2023-20573

    A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. ... Read more

    • Published: Jan. 11, 2024
    • Modified: Jun. 20, 2025

  • 3.2

    LOW
    CVE-2020-26925

    NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service.... Read more

    Affected Products : gs808e_firmware gs808e
    • Published: Oct. 09, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2024-36331

    Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.2

    LOW
    CVE-2018-1725

    IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440.... Read more

    • Published: Nov. 05, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-27839

    operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may n... Read more

    Affected Products :
    • Published: Mar. 08, 2025
    • Modified: Mar. 08, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2021-36170

    An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.... Read more

    Affected Products : fortimanager fortianalyzer
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-52991

    The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially l... Read more

    Affected Products : nix
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2022-26354

    A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.... Read more

    Affected Products : debian_linux qemu
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293414 Results