Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-3436

    Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. ... Read more

    Affected Products : xpdf
    • Published: Jun. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-0009

    The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 ... Read more

    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-5171

    CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-37703

    In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking t... Read more

    Affected Products : amanda
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-3419

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.... Read more

    Affected Products : solaris
    • Published: Apr. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-48939

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hun... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 22, 2024

  • 3.3

    LOW
    CVE-2015-9543

    An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setu... Read more

    Affected Products : nova
    • Published: Feb. 19, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0205

    A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.... Read more

    Affected Products : cloud_orchestrator
    • Published: Aug. 30, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-23114

    Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more

    Affected Products : publish_over_ssh
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-0275

    IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (... Read more

    Affected Products : financial_transaction_manager
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-25404

    Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.... Read more

    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-1000150

    An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.... Read more

    Affected Products : reverse_proxy_auth
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-52703

    In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-47060

    Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations su... Read more

    Affected Products : macos premiere_pro windows
    • Published: Nov. 16, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-23287

    NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure.... Read more

    Affected Products :
    • Published: Aug. 02, 2025
    • Modified: Aug. 04, 2025

  • 3.3

    LOW
    CVE-2021-25439

    Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.... Read more

    Affected Products : android members
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-8134

    The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted appli... Read more

    • Published: Dec. 12, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2017-3498

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where So... Read more

    Affected Products : solaris solaris
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-3474

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Sola... Read more

    Affected Products : solaris solaris
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-17294

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C0... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294071 Results