Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.8

    LOW
    CVE-2015-0511

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.... Read more

    Affected Products : mysql
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2023-41817

    An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-30204

    In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.... Read more

    Affected Products : debian_linux emacs org_mode
    • Published: Mar. 25, 2024
    • Modified: May. 01, 2025

  • 2.8

    LOW
    CVE-2023-3674

    A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as ... Read more

    Affected Products : enterprise_linux fedora keylime
    • Published: Jul. 19, 2023
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2023-45733

    Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.... Read more

    Affected Products :
    • Published: May. 16, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2018-3084

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w... Read more

    • Published: Jul. 18, 2018
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2025-1699

    An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.... Read more

    Affected Products :
    • Published: Jun. 11, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Authorization

  • 2.8

    LOW
    CVE-2024-2314

    If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not a... Read more

    • Published: Mar. 10, 2024
    • Modified: Aug. 26, 2025

  • 2.8

    LOW
    CVE-2016-5480

    Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.... Read more

    Affected Products : solaris
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2023-31326

    Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Information Disclosure

  • 2.8

    LOW
    CVE-2019-2850

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2014-2432

    Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.... Read more

    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2012-1743

    Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.... Read more

    Affected Products : industry_applications
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2015-2566

    Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2015-7494

    A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domai... Read more

    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 2.8

    LOW
    CVE-2020-6824

    Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and genera... Read more

    Affected Products : firefox
    • Published: Apr. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2025-24324

    Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 2.8

    LOW
    CVE-2016-3251

    The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensiti... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 2.7

    LOW
    CVE-2024-3177

    A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the e... Read more

    Affected Products : kubernetes
    • Published: Apr. 22, 2024
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2024-37253

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6.... Read more

    Affected Products : wp_directory_kit
    • Published: Jul. 09, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293499 Results