Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2025-52687

    Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service (DoS).... Read more

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 2.4

    LOW
    CVE-2019-19557

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-19561

    A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information.... Read more

    Affected Products : hermes
    • Published: Nov. 16, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-10830

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can view notifications by entering many PINs in Lockdown mode. The Samsung ID is SVE-2019-16590 (March 2020).... Read more

    Affected Products : android
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-8682

    The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.... Read more

    Affected Products : iphone_os watchos
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-25824

    Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches th... Read more

    Affected Products : telegram_desktop
    • Published: Oct. 14, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-3859

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-1755

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access to an iOS device may be able to access contacts from the... Read more

    Affected Products : macos
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-14359

    On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardwa... Read more

    Affected Products : bc_vault_firmware bc_vault
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-25409

    Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.... Read more

    Affected Products : android dex
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-24885

    Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for t... Read more

    Affected Products : nextcloud_server nextcloud notes
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2018-21073

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018).... Read more

    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2016-1000002

    gdm3 3.14.2 and possibly later has an information leak before screen lock... Read more

    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2016-4593

    The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.... Read more

    Affected Products : iphone_os
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 2.4

    LOW
    CVE-2018-4387

    A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.... Read more

    Affected Products : iphone_os
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-34682

    Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 13, 2024

  • 2.4

    LOW
    CVE-2024-27819

    The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to access contacts from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Jun. 10, 2024
    • Modified: Mar. 29, 2025

  • 2.4

    LOW
    CVE-2023-32390

    The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Jun. 23, 2023
    • Modified: Dec. 05, 2024

  • 2.4

    LOW
    CVE-2023-32394

    The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. A person with physical access to a device may be able to view contact information from the lock screen.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jun. 23, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-39843

    Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.... Read more

    • Published: Aug. 15, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293946 Results