Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2020-1795

    There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series ... Read more

    • Published: Mar. 20, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-8732

    The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.... Read more

    Affected Products : iphone_os
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-20534

    An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view home-screen wallpaper by adjusting the brightness of a locked screen. The Samsung ID is SVE-2019-15540 (December 2019).... Read more

    Affected Products : android
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-20559

    An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019).... Read more

    Affected Products : android
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-4071

    In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD is set. Currently the string comparison between configured cre... Read more

    Affected Products : django-basic-auth-ip-whitelist
    • Published: Jun. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-39843

    Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-5213

    Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify th... Read more

    Affected Products : honor_play_firmware honor_play
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-11606

    An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).... Read more

    Affected Products : android
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-34649

    Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 2.4

    LOW
    CVE-2023-20528

    Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. ... Read more

    • Published: Jan. 11, 2023
    • Modified: Apr. 07, 2025

  • 2.4

    LOW
    CVE-2020-9083

    HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploita... Read more

    Affected Products : mate_20_firmware mate_20
    • Published: Sep. 03, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-36857

    Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.... Read more

    Affected Products : android dex photo_editor
    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-21740

    There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information th... Read more

    Affected Products : zxhn_h2640_firmware zxhn_h2640
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-39043

    Juiker app stores debug logs which contains sensitive information to mobile external storage. An unauthenticated physical attacker can access these files to acquire partial user information such as personal contacts.... Read more

    Affected Products : juiker
    • Published: Mar. 27, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-1755

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access to an iOS device may be able to access contacts from the... Read more

    Affected Products : macos
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-41181

    Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the v... Read more

    Affected Products : talk nextcloud_server notes
    • Published: Mar. 08, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-48506

    A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymizat... Read more

    Affected Products : democracy_suite
    • Published: Jun. 19, 2023
    • Modified: Jan. 02, 2025

  • 2.4

    LOW
    CVE-2025-30469

    This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4. A person with physical access to an iOS device may be able to access photos from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025

  • 2.4

    LOW
    CVE-2025-23074

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Mediawiki - SocialProfile Extension allows Functionality Misuse.This issue affects Mediawiki - SocialProfile Extension: from 1.39.X before 1.39.11, from 1.41.... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2022-46717

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features... Read more

    Affected Products : iphone_os ipados
    • Published: Apr. 10, 2023
    • Modified: Feb. 11, 2025
Showing 20 of 293354 Results