Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2020-8013

    A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously ... Read more

    Affected Products : leap linux_enterprise_server
    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2016-7960

    Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.... Read more

    Affected Products : simatic_step_7
    • Published: Oct. 13, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2024-42184

    BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using the file:// URI scheme.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.5

    LOW
    CVE-2024-42185

    BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML content, which can lead to various issues including denial ... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Injection

  • 2.5

    LOW
    CVE-2025-2149

    A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initializ... Read more

    Affected Products : pytorch pytorch
    • Published: Mar. 10, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.5

    LOW
    CVE-2024-27457

    Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products : tdx_module_software
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 2.5

    LOW
    CVE-2023-4986

    A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort.... Read more

    Affected Products : inplant_scada
    • Published: Sep. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2016-6450

    A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are runn... Read more

    Affected Products : ios_xe ios_xe
    • Published: Nov. 19, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2017-1211

    IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled. IBM X-Force ID: 123851.... Read more

    Affected Products : daeja_viewone
    • Published: Oct. 24, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2021-2149

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Orac... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-5648

    A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2018-6262

    NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.... Read more

    Affected Products : geforce_experience
    • Published: Oct. 02, 2018
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2018-6259

    NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.... Read more

    Affected Products : geforce_experience
    • Published: Aug. 31, 2018
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-11035

    Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which s a type of issue whereby sensitive information may b exposed due to a vulnerability in software.... Read more

    Affected Products :
    • Published: Mar. 05, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Information Disclosure

  • 2.5

    LOW
    CVE-2018-2922

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where So... Read more

    Affected Products : solaris solaris
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2023-2197

    HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be ... Read more

    Affected Products : vault
    • Published: May. 01, 2023
    • Modified: Jan. 30, 2025

  • 2.5

    LOW
    CVE-2019-1573

    GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session ... Read more

    Affected Products : globalprotect
    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2017-1144

    IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033.... Read more

    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2016-3321

    Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet ... Read more

    Affected Products : internet_explorer
    • Published: Aug. 09, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2025-32408

    In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled.... Read more

    Affected Products : iam
    • Published: Apr. 21, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization
Showing 20 of 293309 Results