Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.1

    LOW
    CVE-2019-2449

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to... Read more

    • Published: Jan. 16, 2019
    • Modified: Nov. 21, 2024

  • 3.1

    LOW
    CVE-2016-5561

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE.... Read more

    Affected Products : solaris
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.1

    LOW
    CVE-2016-7204

    Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."... Read more

    Affected Products : edge
    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 3.1

    LOW
    CVE-2016-3276

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 3.1

    LOW
    CVE-2024-20923

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exp... Read more

    Affected Products : jdk jre graalvm
    • Published: Feb. 17, 2024
    • Modified: Mar. 26, 2025

  • 3.1

    LOW
    CVE-2024-21848

    Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel ... Read more

    Affected Products : mattermost_server mattermost
    • Published: Apr. 05, 2024
    • Modified: Dec. 13, 2024

  • 3.1

    LOW
    CVE-2024-21005

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more

    • Published: Apr. 16, 2024
    • Modified: Dec. 05, 2024

  • 3.1

    LOW
    CVE-2024-22047

    A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user. ... Read more

    Affected Products : audited
    • Published: Jan. 04, 2024
    • Modified: Nov. 21, 2024

  • 3.1

    LOW
    CVE-2017-2739

    The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.... Read more

    Affected Products : vmall
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 3.1

    LOW
    CVE-2020-11936

    gdbus setgid privilege escalation... Read more

    Affected Products : apport
    • Published: Jan. 31, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Authorization

  • 3.1

    LOW
    CVE-2018-8366

    An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.... Read more

    Affected Products : edge windows_10
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 3.1

    LOW
    CVE-2024-43411

    CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, th... Read more

    Affected Products : ckeditor
    • Published: Aug. 21, 2024
    • Modified: Aug. 21, 2024

  • 3.1

    LOW
    CVE-2020-2531

    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unaut... Read more

    Affected Products : business_intelligence
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.1

    LOW
    CVE-2018-0878

    Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an infor... Read more

    • Published: Mar. 14, 2018
    • Modified: Apr. 04, 2025

  • 3.1

    LOW
    CVE-2020-15671

    When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary. This vulnerability affects Firefox ... Read more

    Affected Products : firefox
    • Published: Oct. 01, 2020
    • Modified: Nov. 21, 2024

  • 3.0

    LOW
    CVE-2014-0361

    The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via uns... Read more

    • Published: Apr. 21, 2014
    • Modified: Apr. 12, 2025

  • 3.0

    LOW
    CVE-2010-2374

    Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : solaris_studio
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2024-20910

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracl... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 3.0

    LOW
    CVE-2011-0821

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2023-31331

    Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 294836 Results