Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-40138

    In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Oct. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-34117

    Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.... Read more

    Affected Products : zoom_software_development_kit
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-3669

    A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.... Read more

    Affected Products : development_system
    • Published: Aug. 03, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-17302

    Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local att... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-37448

    A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen.... Read more

    Affected Products : macos
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-4779

    Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4774 an... Read more

    Affected Products : berkeley_db
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2011-4497

    QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers to obtain the administrator password via a flag=detect request.... Read more

    Affected Products : rt-n56u rt-n56u_firmware
    • Published: Nov. 21, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2018-20946

    cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-20533

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (released in China or India) software. The S Secure app can launch masked apps without a password. The Samsung ID is SVE-2019-13996 (December 2019).... Read more

    Affected Products : android
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-10796

    cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).... Read more

    Affected Products : cpanel
    • Published: Aug. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9440

    In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of the Email app's protected files with User execution privileges needed. User interaction is needed for exploitation. Product: Android... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-18423

    In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-12209

    Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 p... Read more

    Affected Products : graphics_driver
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9280

    In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitati... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-20894

    cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-9377

    In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to a local information disclosure of metadata about the biometrics of another ... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-2571

    Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems (component: Templates). The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle... Read more

    Affected Products : vm_server
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-9581

    In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-12224

    Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authen... Read more

    Affected Products : graphics_driver windows
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-20936

    cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294535 Results