Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.3

    LOW
    CVE-2020-0506

    Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access.... Read more

    Affected Products : graphics_driver
    • EPSS Score: %0.05
    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-52800

    veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. This doesn't affect the standar... Read more

    Affected Products :
    • Published: Nov. 29, 2024
    • Modified: Nov. 29, 2024

  • 2.3

    LOW
    CVE-2007-3443

    The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ... Read more

    Affected Products : blackberry_7270
    • EPSS Score: %0.21
    • Published: Jun. 27, 2007
    • Modified: Apr. 09, 2025

  • 2.3

    LOW
    CVE-2022-33693

    Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-6580

    The /n software IPWorks SSH library SFTPServer component can be induced to make unintended filesystem or network path requests when loading a SSH public key or certificate. To be exploitable, an application calling the SFTPServer component must grant user... Read more

    Affected Products :
    • Published: Jul. 08, 2024
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2018-12217

    Insufficient access control in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373... Read more

    Affected Products : graphics_driver
    • EPSS Score: %0.11
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-24806

    Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats the... Read more

    Affected Products : authelia
    • Published: Feb. 19, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Authentication

  • 2.3

    LOW
    CVE-2020-11932

    It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.... Read more

    Affected Products : subiquity
    • EPSS Score: %1.71
    • Published: May. 13, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2021-40089

    An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Acce... Read more

    Affected Products : ejbca
    • EPSS Score: %0.05
    • Published: Aug. 25, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2023-45152

    Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot b... Read more

    Affected Products : engelsystem
    • EPSS Score: %0.02
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2019-2940

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Create Session privilege with logon to the in... Read more

    Affected Products : database database_server
    • EPSS Score: %0.13
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2021-3923

    A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.01
    • Published: Mar. 27, 2023
    • Modified: Feb. 24, 2025

  • 2.3

    LOW
    CVE-2019-12756

    Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.... Read more

    Affected Products : endpoint_protection
    • EPSS Score: %0.07
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2020-0382

    In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitat... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-33699

    Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-20045

    In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS080247... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 mt6879 +24 more products
    • Published: Apr. 01, 2024
    • Modified: Apr. 23, 2025

  • 2.3

    LOW
    CVE-2020-16230

    All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that c... Read more

    • EPSS Score: %0.04
    • Published: Sep. 18, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2023-22313

    Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.04
    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-23744

    Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.... Read more

    Affected Products : endpoint_security harmony_endpoint
    • EPSS Score: %0.12
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-20914

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Ora... Read more

    Affected Products : zfs_storage_appliance_kit
    • EPSS Score: %0.10
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025
Showing 20 of 291659 Results