Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.3

    LOW
    CVE-2021-41527

    An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to bypass the 2FA. The vulnerability requires that the 2FA setup hasn’t been completed.... Read more

    Affected Products :
    • Published: Feb. 07, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Authentication

  • 2.3

    LOW
    CVE-2022-20240

    In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 2.3

    LOW
    CVE-2023-45152

    Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot b... Read more

    Affected Products : engelsystem
    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2019-12756

    Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.... Read more

    Affected Products : endpoint_protection
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-2545

    Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its suscepti... Read more

    Affected Products :
    • Published: May. 05, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cryptography

  • 2.3

    LOW
    CVE-2024-52966

    An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation.... Read more

    Affected Products : fortianalyzer fortianalyzer
    • Published: Feb. 11, 2025
    • Modified: Jul. 22, 2025
    • Vuln Type: Information Disclosure

  • 2.3

    LOW
    CVE-2025-3864

    Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue ... Read more

    Affected Products :
    • Published: May. 28, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Denial of Service

  • 2.3

    LOW
    CVE-2025-22482

    A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed t... Read more

    Affected Products : qsync_central
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Information Disclosure

  • 2.3

    LOW
    CVE-2021-3923

    A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Mar. 27, 2023
    • Modified: Feb. 24, 2025

  • 2.3

    LOW
    CVE-2022-20261

    In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: An... Read more

    Affected Products : android
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-23744

    Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.... Read more

    Affected Products : endpoint_security harmony_endpoint
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-1795

    During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result ... Read more

    Affected Products : python
    • Published: Feb. 28, 2025
    • Modified: Feb. 28, 2025

  • 2.3

    LOW
    CVE-2022-29812

    In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient... Read more

    Affected Products : intellij_idea
    • Published: Apr. 28, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2022-33693

    Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2021-2207

    Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having RMAN executabl... Read more

    Affected Products : database database_server
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2021-2042

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server ... Read more

    • Published: Jan. 20, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2025-32700

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbu... Read more

    Affected Products :
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure

  • 2.3

    LOW
    CVE-2017-10292

    Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to ... Read more

    Affected Products : database
    • Published: Oct. 19, 2017
    • Modified: Apr. 20, 2025

  • 2.3

    LOW
    CVE-2024-44123

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. A malicious app with root privileges may be able to access keyboard input and location information without user consent.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Oct. 28, 2024
    • Modified: Dec. 06, 2024

  • 2.3

    LOW
    CVE-2024-20045

    In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS080247... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 mt6879 +24 more products
    • Published: Apr. 01, 2024
    • Modified: Apr. 23, 2025
Showing 20 of 293621 Results