Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.3

    LOW
    CVE-2024-51539

    The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability can only be exploited locally on ... Read more

    Affected Products :
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Injection

  • 2.3

    LOW
    CVE-2020-9252

    HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C... Read more

    • EPSS Score: %0.03
    • Published: Jul. 17, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-20045

    In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS080247... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 mt6879 +24 more products
    • Published: Apr. 01, 2024
    • Modified: Apr. 23, 2025

  • 2.3

    LOW
    CVE-2022-31221

    Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system.... Read more

    • EPSS Score: %0.04
    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-48866

    An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fi... Read more

    Affected Products : quts_hero qts
    • Published: Dec. 06, 2024
    • Modified: Dec. 06, 2024

  • 2.3

    LOW
    CVE-2019-4394

    IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232.... Read more

    Affected Products : cloud_orchestrator
    • EPSS Score: %0.09
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-2517

    Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager.... Read more

    Affected Products :
    • Published: Apr. 21, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.3

    LOW
    CVE-2023-31304

    Improper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF)     to modify the PCIe® lane count and speed, potentially leading to a loss of availability.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Nov. 04, 2024

  • 2.3

    LOW
    CVE-2021-34397

    Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.... Read more

    • EPSS Score: %0.06
    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2020-0029

    In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for ... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2023-22313

    Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.04
    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-51756

    The cap-std project is organized around the eponymous `cap-std` crate, and develops libraries to make it easy to write capability-based code. cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", ... Read more

    Affected Products :
    • Published: Nov. 05, 2024
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-51745

    Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special devi... Read more

    Affected Products : wasmtime
    • Published: Nov. 05, 2024
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2020-23250

    GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.... Read more

    Affected Products : gigavue-os
    • EPSS Score: %0.03
    • Published: Jan. 05, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-23744

    Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.... Read more

    Affected Products : endpoint_security harmony_endpoint
    • EPSS Score: %0.12
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2017-15307

    Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on specific device information.... Read more

    Affected Products : honor_8_firmware honor_8
    • EPSS Score: %0.02
    • Published: Dec. 22, 2017
    • Modified: Apr. 20, 2025

  • 2.3

    LOW
    CVE-2022-33700

    Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2014-2573

    The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM... Read more

    Affected Products : nova compute
    • EPSS Score: %0.11
    • Published: Mar. 25, 2014
    • Modified: Apr. 12, 2025

  • 2.3

    LOW
    CVE-2024-21123

    Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with logon to the infrastructure ... Read more

    Affected Products : database_server
    • Published: Jul. 16, 2024
    • Modified: Jun. 18, 2025

  • 2.3

    LOW
    CVE-2014-1652

    Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.... Read more

    Affected Products : web_gateway
    • EPSS Score: %0.54
    • Published: Jun. 18, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291722 Results