Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.8

    LOW
    CVE-2023-41824

    An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data. ... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-2313

    If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are ... Read more

    Affected Products : bpftrace
    • Published: Mar. 10, 2024
    • Modified: Mar. 13, 2025

  • 2.8

    LOW
    CVE-2015-7494

    A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domai... Read more

    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 2.8

    LOW
    CVE-2022-4134

    A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.... Read more

    Affected Products : openstack glance glance
    • Published: Mar. 06, 2023
    • Modified: Mar. 06, 2025

  • 2.8

    LOW
    CVE-2014-2432

    Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.... Read more

    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2014-0420

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.... Read more

    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2014-0370

    Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Clinical Trip Report.... Read more

    Affected Products : siebel_crm
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2013-6398

    The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.... Read more

    Affected Products : cloudstack
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2014-0430

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.... Read more

    Affected Products : mysql
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2012-1743

    Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.... Read more

    Affected Products : industry_applications
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2024-2314

    If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not a... Read more

    • Published: Mar. 10, 2024
    • Modified: Aug. 26, 2025

  • 2.8

    LOW
    CVE-2024-53921

    An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.... Read more

    Affected Products : windows magician
    • Published: Dec. 03, 2024
    • Modified: Jun. 03, 2025

  • 2.8

    LOW
    CVE-2024-54558

    A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Mar. 10, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Misconfiguration

  • 2.8

    LOW
    CVE-2025-1699

    An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.... Read more

    Affected Products :
    • Published: Jun. 11, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Authorization

  • 2.8

    LOW
    CVE-2023-31326

    Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Information Disclosure

  • 2.8

    LOW
    CVE-2024-0080

    NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. ... Read more

    Affected Products :
    • Published: Apr. 05, 2024
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2024-20912

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle ... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 2.7

    LOW
    CVE-2025-5416

    A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.... Read more

    Affected Products : keycloak
    • Published: Jun. 20, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 2.7

    LOW
    CVE-2025-47293

    PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity (XXE) attack and to a server-side request forgery (SSRF) atta... Read more

    Affected Products :
    • Published: Jun. 19, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: XML External Entity

  • 2.7

    LOW
    CVE-2023-32684

    Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the ... Read more

    Affected Products : lima
    • Published: May. 30, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293608 Results