Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2012-3581

    Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.... Read more

    Affected Products : messaging_gateway
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-25316

    A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versi... Read more

    Affected Products : linux_enterprise_server s390-tools
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-36085

    The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).... Read more

    Affected Products : fedora selinux
    • Published: Jul. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-0149

    NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.... Read more

    Affected Products :
    • Published: Jan. 28, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2021-38591

    An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 (August 2021).... Read more

    Affected Products : android
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-50564

    A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.... Read more

    Affected Products : forticlient
    • Published: Jan. 14, 2025
    • Modified: Jun. 11, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2021-38129

    Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Ope... Read more

    Affected Products : operations_agent
    • Published: Jan. 25, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-35005

    This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ... Read more

    Affected Products : teamviewer
    • Published: Jan. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-34688

    iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static... Read more

    Affected Products : windows remotepc
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-47738

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no sup... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 3.3

    LOW
    CVE-2021-38205

    drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-8908

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, o... Read more

    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2020-4629

    IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-F... Read more

    • Published: Sep. 30, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2015-3787

    The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-2877

    Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAI... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Mar. 03, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2008-3933

    Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.... Read more

    Affected Products : wireshark
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2013-5171

    CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2015-2263

    Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x before 5.2.5, and 5.3.x before 5.3.3 uses global read permissions for files in its configuration directory when starting YARN NodeManager, which allows local users to obtain sensitive inf... Read more

    Affected Products : cloudera_manager
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2010-0789

    fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.... Read more

    Affected Products : fuse
    • Published: Mar. 02, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2011-1675

    mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE ... Read more

    Affected Products : util-linux util-linux
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294313 Results