Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.9

    LOW
    CVE-2014-6381

    Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a den... Read more

    • Published: Dec. 12, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2016-3485

    Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.... Read more

    Affected Products : jdk jre jrockit
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2025-31160

    atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop.... Read more

    Affected Products : atop
    • Published: Mar. 26, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2013-1572

    The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2012-4454

    openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.... Read more

    Affected Products : opencryptoki
    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1589

    Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2016-5480

    Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.... Read more

    Affected Products : solaris
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2016-3251

    The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensiti... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2024-3479

    An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-43167

    DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a ... Read more

    Affected Products :
    • Published: Aug. 12, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-53878

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 2.8

    LOW
    CVE-2019-2850

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-42186

    BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.8

    LOW
    CVE-2025-24324

    Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 2.8

    LOW
    CVE-2023-41825

    A path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files.  ... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2025-54314

    Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take con... Read more

    Affected Products :
    • Published: Jul. 20, 2025
    • Modified: Aug. 10, 2025
    • Vuln Type: Injection

  • 2.8

    LOW
    CVE-2023-41817

    An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2015-0511

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.... Read more

    Affected Products : mysql
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2018-3084

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w... Read more

    • Published: Jul. 18, 2018
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2023-3674

    A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as ... Read more

    Affected Products : enterprise_linux fedora keylime
    • Published: Jul. 19, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293527 Results