Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2019-8599

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes.... Read more

    Affected Products : iphone_os
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-30918

    A Lock Screen issue was addressed with improved state management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.0.1 and iPadOS 15.0.1. A user may be able to view restricted content from the Lock Screen.... Read more

    Affected Products : macos iphone_os ipad_os ipados
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-8352

    In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes.... Read more

    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-48909

    SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled `LookupResources2` and have caveats in the evaluation path for their re... Read more

    Affected Products : spicedb
    • Published: Oct. 14, 2024
    • Modified: Oct. 17, 2024

  • 2.4

    LOW
    CVE-2024-22412

    ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access control... Read more

    Affected Products : clickhouse
    • Published: Mar. 18, 2024
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-46724

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Aug. 14, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-46717

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features... Read more

    Affected Products : iphone_os ipados
    • Published: Apr. 10, 2023
    • Modified: Feb. 11, 2025

  • 2.4

    LOW
    CVE-2024-44179

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a device may be able to read contact numbers from the ... Read more

    Affected Products : macos iphone_os ipados
    • Published: Mar. 10, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2024-40822

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. An attacker with physical access to a device may be able to access ... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 27, 2025

  • 2.4

    LOW
    CVE-2024-4692

    Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization confi... Read more

    Affected Products : application_automation_tools
    • Published: Oct. 16, 2024
    • Modified: Oct. 21, 2024

  • 2.4

    LOW
    CVE-2021-1862

    Description: A person with physical access may be able to access contacts. This issue is fixed in iOS 14.5 and iPadOS 14.5. Impact: An issue with Siri search access to information was addressed with improved logic.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-32325

    TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.... Read more

    Affected Products : ex200_firmware ex200
    • Published: Apr. 18, 2024
    • Modified: May. 13, 2025

  • 2.4

    LOW
    CVE-2022-22599

    Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain s... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-30816

    The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.... Read more

    Affected Products : iphone_os ipados
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-30956

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact in... Read more

    Affected Products : iphone_os ipados
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-30469

    This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4. A person with physical access to an iOS device may be able to access photos from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025

  • 2.4

    LOW
    CVE-2025-27432

    The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthor... Read more

    Affected Products :
    • Published: Mar. 11, 2025
    • Modified: Mar. 11, 2025
    • Vuln Type: Authorization

  • 2.4

    LOW
    CVE-2025-23074

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Mediawiki - SocialProfile Extension allows Functionality Misuse.This issue affects Mediawiki - SocialProfile Extension: from 1.39.X before 1.39.11, from 1.41.... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2024-27314

    Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SD... Read more

    • Published: May. 27, 2024
    • Modified: Jun. 17, 2025

  • 2.4

    LOW
    CVE-2024-29338

    Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2.... Read more

    Affected Products : anchor_cms
    • Published: Mar. 22, 2024
    • Modified: Mar. 28, 2025
Showing 20 of 293508 Results