Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2021-25348

    Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.... Read more

    Affected Products : internet
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-27456

    Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control.... Read more

    • Published: Mar. 23, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.... Read more

    • Published: May. 12, 2022
    • Modified: May. 05, 2025

  • 2.4

    LOW
    CVE-2019-8548

    An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear w... Read more

    Affected Products : watchos
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-0895

    IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from debugging code log messages.... Read more

    Affected Products : cognos_analytics_mobile
    • Published: Mar. 02, 2025
    • Modified: Jul. 31, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2022-39043

    Juiker app stores debug logs which contains sensitive information to mobile external storage. An unauthenticated physical attacker can access these files to acquire partial user information such as personal contacts.... Read more

    Affected Products : juiker
    • Published: Mar. 27, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-33720

    Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.... Read more

    Affected Products : android dex
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2023-21438

    Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.... Read more

    Affected Products : android android dex
    • Published: Feb. 09, 2023
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2024-34649

    Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.... Read more

    Affected Products : android android
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 2.4

    LOW
    CVE-2019-5213

    Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify th... Read more

    Affected Products : honor_play_firmware honor_play
    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2020-11606

    An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).... Read more

    Affected Products : android
    • Published: Apr. 08, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2022-24885

    Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for t... Read more

    Affected Products : nextcloud_server nextcloud notes
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-2865

    SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users. Through this reques... Read more

    Affected Products :
    • Published: Mar. 28, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.4

    LOW
    CVE-2020-1831

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the u... Read more

    Affected Products : mate_20_firmware mate_20
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-14359

    On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardwa... Read more

    Affected Products : bc_vault_firmware bc_vault
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2018-17177

    An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character passwo... Read more

    • Published: Sep. 18, 2018
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2019-14357

    On Mooltipass Mini devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardwar... Read more

    • Published: Aug. 10, 2019
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2025-30750

    Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with net... Read more

    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authorization

  • 2.4

    LOW
    CVE-2025-1419

    Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite)... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.4

    LOW
    CVE-2019-8682

    The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.... Read more

    Affected Products : iphone_os watchos
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293693 Results