Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2022-32870

    A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may be able to use Siri to obtain some call history information.... Read more

    Affected Products : macos iphone_os watchos
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 2.4

    LOW
    CVE-2023-22075

    Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any Vie... Read more

    Affected Products : database_server
    • EPSS Score: %0.05
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-46724

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.07
    • Published: Aug. 14, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-48909

    SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled `LookupResources2` and have caveats in the evaluation path for their re... Read more

    Affected Products : spicedb
    • Published: Oct. 14, 2024
    • Modified: Oct. 17, 2024

  • 2.4

    LOW
    CVE-2020-3891

    A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled.... Read more

    Affected Products : iphone_os watchos ipad_os
    • EPSS Score: %0.05
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-3828

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts ... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.15
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2017-7058

    An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the "Notifications" component. It allows physically proximate attackers to read unintended notifications on the lock screen.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.08
    • Published: Jul. 20, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2017-7139

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2016-1852

    Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 2.4

    LOW
    CVE-2023-32365

    The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.04
    • Published: Jun. 23, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2013-7393

    The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2... Read more

    Affected Products : subversion
    • EPSS Score: %0.14
    • Published: Jul. 28, 2014
    • Modified: Apr. 12, 2025

  • 2.4

    LOW
    CVE-2024-32325

    TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.... Read more

    Affected Products : ex200_firmware ex200
    • Published: Apr. 18, 2024
    • Modified: May. 13, 2025

  • 2.4

    LOW
    CVE-2019-19563

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • EPSS Score: %0.06
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-12039

    Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus includi... Read more

    • EPSS Score: %0.06
    • Published: Jun. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-19557

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • EPSS Score: %0.06
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-4071

    In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD is set. Currently the string comparison between configured cre... Read more

    Affected Products : django-basic-auth-ip-whitelist
    • EPSS Score: %0.11
    • Published: Jun. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-42496

    Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device t... Read more

    Affected Products :
    • Published: Sep. 30, 2024
    • Modified: Sep. 30, 2024

  • 2.4

    LOW
    CVE-2020-8352

    In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes.... Read more

    • EPSS Score: %0.06
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-34682

    Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 13, 2024

  • 2.4

    LOW
    CVE-2022-31224

    Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior... Read more

    • EPSS Score: %0.11
    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291756 Results