Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2015-5044

    The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets.... Read more

    • Published: Nov. 08, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2010-3316

    The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a ... Read more

    Affected Products : linux-pam
    • Published: Jan. 24, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2015-4946

    Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x bef... Read more

    • Published: Jan. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2015-5045

    The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix 04 allows local users to obtain sensitive information via unspecified vectors. IBM X-Force ID: 106938.... Read more

    Affected Products : rational_license_key_server
    • Published: Mar. 26, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-38388

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup Use the control private_free callback to free the associated data block. This ensures that the memory won't leak, whatever way... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Apr. 01, 2025

  • 3.3

    LOW
    CVE-2021-1034

    In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional execu... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-1753

    Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."... Read more

    Affected Products : coccinelle
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2016-3469

    Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.... Read more

    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-5525

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.... Read more

    Affected Products : solaris_cluster
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2010-0156

    Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.... Read more

    Affected Products : puppet
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-1032

    In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional exec... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-10118

    Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.... Read more

    Affected Products : firejail
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-5508

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.... Read more

    Affected Products : solaris_cluster
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-1018

    In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional executi... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-5490

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.... Read more

    Affected Products : flexcube_universal_banking
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2022-48939

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hun... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 22, 2024

  • 3.3

    LOW
    CVE-2016-5432

    The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.... Read more

    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-2565

    Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.... Read more

    Affected Products : galaxy_s6_firmware galaxy_s6
    • Published: Apr. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-0989

    In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no... Read more

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-5080

    The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which mi... Read more

    Affected Products : groff
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294690 Results