Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.2

    LOW
    CVE-2010-3508

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones.... Read more

    Affected Products : solaris
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2013-5883

    Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2025-52992

    The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and ... Read more

    Affected Products : nix
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2025-48931

    The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.... Read more

    Affected Products : telemessage
    • Published: May. 28, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cryptography

  • 3.2

    LOW
    CVE-2007-0282

    Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02.... Read more

    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 3.2

    LOW
    CVE-2014-6589

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2014-6590

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2014-6595

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2020-25084

    QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.... Read more

    Affected Products : debian_linux qemu
    • Published: Sep. 25, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25741

    fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.... Read more

    Affected Products : qemu
    • Published: Oct. 02, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25723

    A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus US... Read more

    Affected Products : debian_linux qemu
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2023-21991

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2021-25333

    Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.... Read more

    Affected Products : pay_mini
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2006-1285

    SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.... Read more

    Affected Products : ghost_solutions_suite norton_ghost
    • Published: Mar. 19, 2006
    • Modified: Apr. 03, 2025

  • 3.2

    LOW
    CVE-2022-29816

    In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible... Read more

    Affected Products : intellij_idea
    • Published: Apr. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2015-5011

    IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, which allows local users to bypass intended access restrictions, and start or stop a service, ... Read more

    • Published: Oct. 26, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2021-27260

    This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to explo... Read more

    Affected Products : parallels_desktop
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-26428

    In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a logic error in the code. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for ex... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 3.2

    LOW
    CVE-2024-21977

    Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.... Read more

    Affected Products :
    • Published: Sep. 05, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2024-6126

    A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.... Read more

    Affected Products :
    • Published: Jul. 03, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293510 Results