Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2024-4211

    Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been disc... Read more

    Affected Products : application_automation_tools
    • Published: Oct. 16, 2024
    • Modified: Oct. 21, 2024

  • 2.4

    LOW
    CVE-2024-40851

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024

  • 2.4

    LOW
    CVE-2025-52580

    Insertion of sensitive information into log file issue exists in "region PAY" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs.... Read more

    Affected Products :
    • Published: Jul. 22, 2025
    • Modified: Jul. 22, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2024-46939

    The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers can construct parameters to perform path traversal attacks, which can overwrite local specific files... Read more

    Affected Products :
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024

  • 2.4

    LOW
    CVE-2021-30915

    A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS de... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • EPSS Score: %0.11
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-1419

    Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite)... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.4

    LOW
    CVE-2025-1420

    Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.4

    LOW
    CVE-2022-22599

    Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain s... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.11
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-44179

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a device may be able to read contact numbers from the ... Read more

    Affected Products : macos iphone_os ipados
    • Published: Mar. 10, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2021-1863

    An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to place phon... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.05
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-31224

    Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior... Read more

    • EPSS Score: %0.11
    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-39843

    Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • EPSS Score: %0.01
    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-3823

    The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack... Read more

    Affected Products : base64_encoderdecoder
    • Published: May. 15, 2024
    • Modified: May. 15, 2025

  • 2.4

    LOW
    CVE-2024-3124

    A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an u... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-27814

    This issue was addressed through improved state management. This issue is fixed in watchOS 10.5. A person with physical access to a device may be able to view contact information from the lock screen.... Read more

    Affected Products : watchos
    • Published: Jun. 10, 2024
    • Modified: Mar. 29, 2025

  • 2.4

    LOW
    CVE-2018-21073

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018).... Read more

    • EPSS Score: %0.02
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-15622

    Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries.... Read more

    Affected Products : nextcloud
    • EPSS Score: %0.13
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2017-8087

    Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors.... Read more

    Affected Products : fritz\!os fritz\!box_7490
    • EPSS Score: %0.15
    • Published: Oct. 22, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2011-2343

    The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-5308

    Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third d... Read more

    Affected Products : mate_20_rs_firmware mate_20_rs
    • EPSS Score: %0.06
    • Published: Nov. 29, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291623 Results