Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 2.3

    LOW
    CVE-2017-8118

    The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.... Read more

    Affected Products : uma
    • EPSS Score: %0.03
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025
  • 2.3

    LOW
    CVE-2023-22313

    Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.04
    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2024-51745

    Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special devi... Read more

    Affected Products : wasmtime
    • Published: Nov. 05, 2024
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2024-51756

    The cap-std project is organized around the eponymous `cap-std` crate, and develops libraries to make it easy to write capability-based code. cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", ... Read more

    Affected Products :
    • Published: Nov. 05, 2024
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2022-33699

    Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2025-22482

    A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed t... Read more

    Affected Products : qsync_central
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Information Disclosure
  • 2.3

    LOW
    CVE-2024-36032

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in ... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2024-51758

    Filament is a collection of full-stack components for accelerated Laravel development. All Filament features that interact with storage use the `default_filesystem_disk` config option. This allows the user to easily swap their storage driver to something ... Read more

    Affected Products : filament
    • Published: Nov. 07, 2024
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2024-12056

    The Client secret is not checked when using the OAuth Password grant type. By exploiting this vulnerability, an attacker could connect to a web server using a client application not explicitly authorized as part of the OAuth deployment. Exploitation requ... Read more

    Affected Products :
    • Published: Dec. 04, 2024
    • Modified: Dec. 04, 2024
  • 2.3

    LOW
    CVE-2017-10292

    Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to ... Read more

    Affected Products : database
    • EPSS Score: %0.07
    • Published: Oct. 19, 2017
    • Modified: Apr. 20, 2025
  • 2.3

    LOW
    CVE-2022-31223

    Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system.... Read more

    • EPSS Score: %0.04
    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2024-23591

    ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel... Read more

    • Published: Feb. 16, 2024
    • Modified: Jul. 23, 2025
  • 2.3

    LOW
    CVE-2021-47440

    In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later whe... Read more

    Affected Products : linux_kernel
    • Published: May. 22, 2024
    • Modified: Apr. 02, 2025
  • 2.3

    LOW
    CVE-2024-28238

    Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., we... Read more

    Affected Products : directus
    • Published: Mar. 12, 2024
    • Modified: Jan. 03, 2025
  • 2.3

    LOW
    CVE-2021-21726

    Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges can cause process exception by repeatedly inputting illeg... Read more

    • EPSS Score: %0.05
    • Published: Mar. 12, 2021
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2021-22887

    A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BI... Read more

    • EPSS Score: %0.06
    • Published: Mar. 16, 2021
    • Modified: Nov. 21, 2024
  • 2.3

    LOW
    CVE-2017-15307

    Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on specific device information.... Read more

    Affected Products : honor_8_firmware honor_8
    • EPSS Score: %0.02
    • Published: Dec. 22, 2017
    • Modified: Apr. 20, 2025
  • 2.3

    LOW
    CVE-2025-53029

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracl... Read more

    Affected Products : vm_virtualbox
    • Published: Jul. 15, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure
  • 2.3

    LOW
    CVE-2025-24369

    Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by reques... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Jan. 27, 2025
    • Vuln Type: Authentication
  • 2.3

    LOW
    CVE-2025-3864

    Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue ... Read more

    Affected Products :
    • Published: May. 28, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291562 Results