Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2024-44180

    The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 17, 2024
    • Modified: Mar. 13, 2025

  • 2.4

    LOW
    CVE-2024-12425

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying... Read more

    Affected Products : libreoffice
    • Published: Jan. 07, 2025
    • Modified: Jan. 07, 2025
    • Vuln Type: Path Traversal

  • 2.4

    LOW
    CVE-2010-3513

    Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.... Read more

    Affected Products : solaris opensolaris
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2014-0406

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2024-27314

    Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SD... Read more

    • Published: May. 27, 2024
    • Modified: Jun. 17, 2025

  • 2.4

    LOW
    CVE-2024-27835

    This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to access notes from the lock screen.... Read more

    Affected Products : iphone_os ipad_os ipados
    • Published: May. 14, 2024
    • Modified: Dec. 12, 2024

  • 2.4

    LOW
    CVE-2017-2351

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecif... Read more

    Affected Products : iphone_os
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2017-2397

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Accounts" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen.... Read more

    Affected Products : iphone_os
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 2.4

    LOW
    CVE-2014-0404

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.4

    LOW
    CVE-2024-29338

    Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2.... Read more

    Affected Products : anchor_cms
    • Published: Mar. 22, 2024
    • Modified: Mar. 28, 2025

  • 2.3

    LOW
    CVE-2020-29480

    An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, mod... Read more

    Affected Products : fedora debian_linux xen
    • Published: Dec. 15, 2020
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2024-44123

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. A malicious app with root privileges may be able to access keyboard input and location information without user consent.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Oct. 28, 2024
    • Modified: Dec. 06, 2024

  • 2.3

    LOW
    CVE-2024-36469

    Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.... Read more

    Affected Products : zabbix
    • Published: Apr. 02, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Authentication

  • 2.3

    LOW
    CVE-2025-32700

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbu... Read more

    Affected Products :
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure

  • 2.3

    LOW
    CVE-2012-0833

    The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a cer... Read more

    Affected Products : 389_directory_server
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.3

    LOW
    CVE-2015-7884

    The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.3

    LOW
    CVE-2024-36032

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in ... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2015-8569

    The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mecha... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.3

    LOW
    CVE-2015-7885

    The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.3

    LOW
    CVE-2020-0029

    In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for ... Read more

    Affected Products : android
    • Published: Mar. 10, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294068 Results