Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-17264

    In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in ... Read more

    Affected Products : liblnk
    • Published: Oct. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-0012

    The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.... Read more

    Affected Products : firefox spice-xpi
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-11884

    The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0'... Read more

    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-17054

    atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-4648

    The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2019-17401

    libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as... Read more

    Affected Products : liblnk
    • Published: Oct. 09, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-0037

    In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • Published: Feb. 16, 2024
    • Modified: Dec. 03, 2024

  • 3.3

    LOW
    CVE-2024-0123

    NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit... Read more

    Affected Products : cuda_toolkit
    • Published: Oct. 03, 2024
    • Modified: Oct. 04, 2024

  • 3.3

    LOW
    CVE-2020-10698

    A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed. However, critical data should not be disclosed, as it ... Read more

    Affected Products : ansible_tower
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-0076

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of ... Read more

    Affected Products : cuda_toolkit
    • Published: Apr. 05, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-34339

    In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message... Read more

    Affected Products : ktor
    • Published: Jun. 01, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-35990

    The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-47112

    7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.... Read more

    Affected Products : 7-zip
    • Published: Apr. 19, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2023-5551

    Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.... Read more

    • Published: Nov. 09, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40405

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-34321

    Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a gues... Read more

    Affected Products : xen
    • Published: Jan. 05, 2024
    • Modified: Apr. 17, 2025

  • 3.3

    LOW
    CVE-2023-28194

    The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: May. 08, 2023
    • Modified: Jan. 29, 2025

  • 3.3

    LOW
    CVE-2022-46781

    An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0... Read more

    • Published: Apr. 06, 2023
    • Modified: Feb. 12, 2025

  • 3.3

    LOW
    CVE-2023-34442

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <... Read more

    Affected Products : camel
    • Published: Jul. 10, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-28764

    The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insuf... Read more

    • Published: Nov. 14, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293605 Results