Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2016-0436

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-... Read more

    Affected Products : retail_applications
    • EPSS Score: %0.28
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2023-31305

    Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Nov. 06, 2024

  • 1.9

    LOW
    CVE-2015-7404

    IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for ... Read more

    • EPSS Score: %0.03
    • Published: Nov. 14, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-6195

    The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on... Read more

    • EPSS Score: %0.04
    • Published: Feb. 14, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1146

    The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1064

    Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Mar. 12, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1113

    The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone number or (2) e-mail address of a recent contact via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-0001

    The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary ... Read more

    • EPSS Score: %0.55
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2024-42155

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 30, 2024
    • Modified: Nov. 21, 2024

  • 1.9

    LOW
    CVE-2017-10120

    Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with log... Read more

    Affected Products : database database_server
    • EPSS Score: %0.08
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 1.9

    LOW
    CVE-2015-1097

    IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-1958

    The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restri... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Apr. 24, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2007-0120

    Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to cause a denial of service (application crash) via multiple HTTP requests containing invalid Content-Length values.... Read more

    Affected Products : web_vulnerability_scanner
    • EPSS Score: %0.56
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2008-0049

    AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applicat... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.19
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2009-1296

    The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are on... Read more

    Affected Products : ubuntu 73-oubuntu
    • EPSS Score: %0.07
    • Published: Jun. 09, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2009-0142

    Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.06
    • Published: Feb. 12, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2010-0106

    The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand ... Read more

    • EPSS Score: %0.30
    • Published: Feb. 19, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-4448

    House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 22, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-4447

    Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.... Read more

    Affected Products : os_x_server
    • EPSS Score: %0.14
    • Published: Oct. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-4481

    Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."... Read more

    Affected Products : enterprise_linux luci
    • EPSS Score: %0.03
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291222 Results