Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2025-5648

    A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2018-6262

    NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.... Read more

    Affected Products : geforce_experience
    • Published: Oct. 02, 2018
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-11035

    Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which s a type of issue whereby sensitive information may b exposed due to a vulnerability in software.... Read more

    Affected Products :
    • Published: Mar. 05, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Information Disclosure

  • 2.5

    LOW
    CVE-2023-52746

    In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() int type = nla_type(nla); if (type > XFRMA_MAX) { return -EOPNOTSUPP; } @type is then used as... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 02, 2025

  • 2.5

    LOW
    CVE-2019-1573

    GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session ... Read more

    Affected Products : globalprotect
    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2018-2922

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where So... Read more

    Affected Products : solaris solaris
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2017-18869

    A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.... Read more

    Affected Products : chownr
    • Published: Jun. 15, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2021-33604

    URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening craf... Read more

    Affected Products : vaadin flow-server
    • Published: Jun. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-55539

    Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938.... Read more

    • Published: Dec. 23, 2024
    • Modified: Jun. 04, 2025

  • 2.5

    LOW
    CVE-2015-7435

    IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local... Read more

    Affected Products : tivoli_common_reporting
    • Published: Jan. 02, 2016
    • Modified: Apr. 12, 2025

  • 2.5

    LOW
    CVE-2020-8013

    A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously ... Read more

    Affected Products : leap linux_enterprise_server
    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-8534

    A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch th... Read more

    Affected Products : libtiff
    • Published: Aug. 05, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2021-43566

    All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the... Read more

    Affected Products : samba
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-9383

    A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. T... Read more

    Affected Products :
    • Published: Aug. 24, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Cryptography

  • 2.5

    LOW
    CVE-2025-9589

    A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is... Read more

    Affected Products :
    • Published: Aug. 28, 2025
    • Modified: Aug. 29, 2025
    • Vuln Type: Authentication

  • 2.5

    LOW
    CVE-2023-31330

    An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2025-1376

    A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to lau... Read more

    Affected Products :
    • Published: Feb. 17, 2025
    • Modified: Feb. 17, 2025
    • Vuln Type: Denial of Service

  • 2.5

    LOW
    CVE-2020-8912

    A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them ... Read more

    Affected Products : aws_s3_crypto_sdk
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-32870

    A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may be able to use Siri to obtain some call history information.... Read more

    Affected Products : macos iphone_os watchos
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 2.4

    LOW
    CVE-2022-20529

    In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User intera... Read more

    Affected Products : android
    • Published: Dec. 16, 2022
    • Modified: Apr. 18, 2025
Showing 20 of 293435 Results