Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2017-7407

    The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument e... Read more

    Affected Products : curl
    • Published: Apr. 03, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2024-46939

    The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers can construct parameters to perform path traversal attacks, which can overwrite local specific files... Read more

    Affected Products :
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024

  • 2.4

    LOW
    CVE-2023-0195

    NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvlddmkm.sys, where an can cause CWE-1284, which may lead to hypothetical Information leak of unimportant data such as local variable data of the driver... Read more

    Affected Products : windows virtual_gpu
    • Published: Apr. 01, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-22075

    Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any Vie... Read more

    Affected Products : database_server
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-8742

    The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen.... Read more

    Affected Products : iphone_os
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-29063

    The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encry... Read more

    • Published: Nov. 28, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-8732

    The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.... Read more

    Affected Products : iphone_os
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2018-21073

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018).... Read more

    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-42874

    This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-40529

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information.... Read more

    Affected Products : iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 2.4

    LOW
    CVE-2024-13087

    A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the... Read more

    Affected Products :
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Injection

  • 2.4

    LOW
    CVE-2022-32872

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 20, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-3430

    A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an un... Read more

    Affected Products :
    • Published: Apr. 07, 2024
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-21454

    Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.... Read more

    Affected Products : android android dex
    • Published: Mar. 16, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-1863

    An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to place phon... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2016-11027

    An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016).... Read more

    Affected Products : android
    • Published: Apr. 07, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2017-2705

    Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone ac... Read more

    Affected Products : p9_firmware p9
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2022-36876

    Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.... Read more

    Affected Products : samsung_pass pass
    • Published: Sep. 09, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-4624

    Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.... Read more

    Affected Products : bookstack
    • Published: Aug. 30, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-1421

    Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker c... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 21, 2025
Showing 20 of 293656 Results