Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-5854

    The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.08
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5861

    SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-0084

    The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended r... Read more

    • EPSS Score: %1.22
    • Published: Mar. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1108

    The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5901

    The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-3448

    REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.... Read more

    Affected Products : rest-client
    • EPSS Score: %0.06
    • Published: Apr. 29, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2714

    Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonst... Read more

    Affected Products : android firefox
    • EPSS Score: %0.10
    • Published: May. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8135

    The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "vi... Read more

    Affected Products : libvirt
    • EPSS Score: %0.16
    • Published: Dec. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1116

    The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2618

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Input validation.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.15
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1415

    The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the fil... Read more

    Affected Products : freebsd
    • EPSS Score: %0.04
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3873

    The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel ... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Jun. 10, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4367

    Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.08
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-0397

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-3757

    Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.05
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4431

    Dock in Apple OS X before 10.10 does not properly manage the screen-lock state, which allows physically proximate attackers to view windows by leveraging an unattended workstation.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Oct. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3602

    Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.11
    • Published: Nov. 13, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2529

    The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."... Read more

    • EPSS Score: %4.40
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1677

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR p... Read more

    • EPSS Score: %3.16
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5898

    CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.04
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291672 Results