Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2019-19533

    In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-27314

    Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SD... Read more

    • Published: May. 27, 2024
    • Modified: Jun. 17, 2025

  • 2.4

    LOW
    CVE-2013-5762

    Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration.... Read more

    Affected Products : industry_applications
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.... Read more

    • Published: May. 12, 2022
    • Modified: May. 05, 2025

  • 2.4

    LOW
    CVE-2022-48506

    A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymizat... Read more

    Affected Products : democracy_suite
    • Published: Jun. 19, 2023
    • Modified: Jan. 02, 2025

  • 2.4

    LOW
    CVE-2024-57375

    Andamiro Pump It Up 20th Anniversary (aka Double X or XX/2019) 1.00.0-2.08.3 allows a physically proximate attacker to cause a denial of service (application crash) via certain deselect actions.... Read more

    Affected Products :
    • Published: Apr. 25, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Denial of Service

  • 2.4

    LOW
    CVE-2024-3124

    A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an u... Read more

    Affected Products :
    • Published: Apr. 01, 2024
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-0230

    A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.... Read more

    • Published: Jan. 12, 2024
    • Modified: Jun. 03, 2025

  • 2.4

    LOW
    CVE-2023-21454

    Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.... Read more

    Affected Products : android android dex
    • Published: Mar. 16, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-31224

    Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior... Read more

    • Published: Sep. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2010-2397

    Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.... Read more

    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2020-1797

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of ... Read more

    Affected Products : mate_20_firmware mate_20
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-13087

    A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the... Read more

    Affected Products :
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Injection

  • 2.4

    LOW
    CVE-2023-39843

    Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2016-11027

    An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016).... Read more

    Affected Products : android
    • Published: Apr. 07, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-22075

    Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any Vie... Read more

    Affected Products : database_server
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-4071

    In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD is set. Currently the string comparison between configured cre... Read more

    Affected Products : django-basic-auth-ip-whitelist
    • Published: Jun. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-1833

    Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unloc... Read more

    Affected Products : honor_9x_firmware honor_9x
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-12039

    Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus includi... Read more

    • Published: Jun. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-19563

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293673 Results