Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-3121

    A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations.... Read more

    Affected Products : module-assistant
    • EPSS Score: %0.07
    • Published: Oct. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3115

    mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN].... Read more

    Affected Products : mpeg-tools
    • EPSS Score: %0.08
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0085

    JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source ... Read more

    Affected Products : jboss_fuse jboss_a-mq
    • EPSS Score: %0.14
    • Published: Apr. 17, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-6646

    F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.... Read more

    • EPSS Score: %0.05
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2017-2752

    A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a re... Read more

    Affected Products : tommy_hilfiger_th24\/7
    • EPSS Score: %0.11
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 2.1

    LOW
    CVE-2013-3976

    The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not prop... Read more

    • EPSS Score: %0.18
    • Published: Mar. 26, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2019

    IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not prevent caching of documents retrieved in SSL sessions, which allows physically proxi... Read more

    Affected Products : tivoli_directory_server
    • EPSS Score: %0.08
    • Published: Jun. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1933

    Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages.... Read more

    Affected Products : ux
    • EPSS Score: %0.07
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3093

    IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext passwords in (1) api-paste.ini, (2) debug logs, (3) the installation process, (4) environment checks, (5) powervc-ldap-config, (6) powervc-restore, and (7) powervc-diag, which allows local u... Read more

    Affected Products : powervc
    • EPSS Score: %0.05
    • Published: Aug. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2731

    Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.... Read more

    Affected Products : security_linux
    • EPSS Score: %0.12
    • Published: Aug. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-2690

    Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows local users to obtain administrator credentials by reading the log.... Read more

    Affected Products : vdi-in-a-box
    • EPSS Score: %0.07
    • Published: Apr. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-5075

    Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.... Read more

    Affected Products : avast\!_internet_security
    • EPSS Score: %0.42
    • Published: Dec. 28, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2078

    BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.... Read more

    Affected Products : bisonftp
    • EPSS Score: %0.61
    • Published: Jun. 29, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-2207

    The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 2.0

    LOW
    CVE-2025-47824

    Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code.... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Cryptography

  • 2.0

    LOW
    CVE-2023-45706

    An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration. ... Read more

    Affected Products : bigfix_platform
    • Published: Mar. 28, 2024
    • Modified: Nov. 21, 2024

  • 2.0

    LOW
    CVE-2025-30516

    Mattermost Mobile Apps versions <=2.25.0  fail to terminate sessions during logout under certain conditions (e.g. poor connectivity), allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications... Read more

    Affected Products : mattermost_server
    • Published: Apr. 14, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Authentication

  • 2.0

    LOW
    CVE-2025-8573

    Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page.  Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concr... Read more

    Affected Products : concrete_cms concrete5
    • Published: Aug. 05, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.0

    LOW
    CVE-2025-2922

    A vulnerability classified as problematic was found in Netis WF-2404 1.1.124EN. Affected by this vulnerability is an unknown functionality of the component BusyBox Shell. The manipulation leads to cleartext storage of sensitive information. It is possible... Read more

    Affected Products :
    • Published: Mar. 28, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Information Disclosure

  • 2.0

    LOW
    CVE-2025-5941

    Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based ... Read more

    Affected Products : netskope
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291193 Results