Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-28764

    The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insuf... Read more

    • Published: Nov. 14, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-53871

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2020-14415

    oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.... Read more

    Affected Products : ubuntu_linux qemu
    • Published: Aug. 27, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-0125

    NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a ... Read more

    Affected Products : cuda_toolkit
    • Published: Oct. 03, 2024
    • Modified: Oct. 04, 2024

  • 3.3

    LOW
    CVE-2023-38069

    In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases... Read more

    Affected Products : intellij_idea
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-7541

    oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on ... Read more

    Affected Products : ofono
    • Published: Aug. 06, 2024
    • Modified: Aug. 29, 2024

  • 3.3

    LOW
    CVE-2023-25511

    NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service.... Read more

    Affected Products : linux_kernel windows cuda_toolkit
    • Published: Apr. 22, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-39978

    ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.... Read more

    Affected Products : fedora imagemagick
    • Published: Aug. 08, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-5105

    The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.... Read more

    Affected Products : blender
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2018-16252

    FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.... Read more

    Affected Products : event_log_explorer
    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-13053

    The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • Published: Jul. 02, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-4016

    Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.... Read more

    Affected Products : fedora procps
    • Published: Aug. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2008-1832

    lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.... Read more

    Affected Products : cecilia
    • Published: Apr. 16, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2024-53407

    In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data.... Read more

    Affected Products : phiewer
    • Published: Jan. 15, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2024-56494

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2023-3666

    The Sticky Side Buttons WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall... Read more

    Affected Products :
    • Published: Sep. 03, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.3

    LOW
    CVE-2024-56811

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2019-20625

    An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 (February 2019).... Read more

    Affected Products : android
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-0759

    IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Race Condition

  • 3.3

    LOW
    CVE-2019-9292

    In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for expl... Read more

    Affected Products : android
    • Published: Sep. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294522 Results