Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-33701

    Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-33697

    Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-27814

    SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.... Read more

    Affected Products : swhkd
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2001-0131

    htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : debian_linux http_server
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 3.3

    LOW
    CVE-2013-1031

    Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a l... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-1920

    The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.... Read more

    Affected Products : netbsd pmake
    • Published: May. 23, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-5564

    android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.... Read more

    • Published: Feb. 14, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-9102

    There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the... Read more

    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-9089

    There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information lea... Read more

    Affected Products : p30_pro_firmware p30_pro
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 3.3

    LOW
    CVE-2011-1675

    mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE ... Read more

    Affected Products : util-linux util-linux
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2024-34640

    Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 3.3

    LOW
    CVE-2012-4288

    Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application... Read more

    Affected Products : wireshark sunos opensuse
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-3368

    bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.... Read more

    Affected Products : rt request_tracker
    • Published: Aug. 23, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2008-3934

    Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.... Read more

    Affected Products : wireshark
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2017-18397

    cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-14354

    A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulner... Read more

    Affected Products : fedora c-ares
    • Published: May. 13, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-51792

    Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.... Read more

    Affected Products :
    • Published: Apr. 19, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-11869

    An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A maliciou... Read more

    Affected Products : qemu
    • Published: Apr. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-14772

    Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login att... Read more

    Affected Products : skybox_manager_client_application
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2017-15530

    Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first pass across the application. As they probe the applicat... Read more

    Affected Products : norton_family
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294072 Results