Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.6

    LOW
    CVE-2025-7215

    A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive inf... Read more

    Affected Products :
    • Published: Jul. 09, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 1.6

    LOW
    CVE-2025-7214

    A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is ... Read more

    Affected Products :
    • Published: Jul. 09, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Cryptography

  • 1.6

    LOW
    CVE-2025-9381

    A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical de... Read more

    Affected Products :
    • Published: Aug. 24, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Information Disclosure

  • 1.5

    LOW
    CVE-2013-4355

    Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2013-2393

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.47
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2013-5763

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure of th... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.16
    • Published: Dec. 12, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2015-0493

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-201... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.54
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.5

    LOW
    CVE-2007-0409

    BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.08
    • Published: Jan. 23, 2007
    • Modified: Apr. 09, 2025

  • 1.5

    LOW
    CVE-2009-2752

    IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.... Read more

    Affected Products : websphere_commerce
    • EPSS Score: %0.06
    • Published: Feb. 05, 2010
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2011-1637

    Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962.... Read more

    • EPSS Score: %0.10
    • Published: Jun. 02, 2011
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2007-4126

    Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Aug. 01, 2007
    • Modified: Apr. 09, 2025

  • 1.5

    LOW
    CVE-2007-3381

    The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of serv... Read more

    Affected Products : gdm
    • EPSS Score: %0.08
    • Published: Aug. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.5

    LOW
    CVE-2014-5029

    The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.... Read more

    Affected Products : cups ubuntu_linux
    • EPSS Score: %0.05
    • Published: Jul. 29, 2014
    • Modified: Apr. 12, 2025

  • 1.5

    LOW
    CVE-2011-1373

    Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.... Read more

    Affected Products : db2
    • EPSS Score: %0.06
    • Published: Nov. 09, 2011
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2013-1502

    Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.... Read more

    Affected Products : mysql mariadb solaris
    • EPSS Score: %0.15
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2009-2094

    Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise before 6.0.0.8, when trace is enabled, allows local users to obtain sensitive information via unknown vectors.... Read more

    Affected Products : websphere_commerce
    • EPSS Score: %0.05
    • Published: Aug. 13, 2009
    • Modified: Apr. 09, 2025

  • 1.5

    LOW
    CVE-2010-3321

    RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions ... Read more

    Affected Products : authentication_client
    • EPSS Score: %0.05
    • Published: Oct. 07, 2010
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2008-2587

    Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.... Read more

    • EPSS Score: %0.16
    • Published: Jul. 15, 2008
    • Modified: Apr. 09, 2025

  • 1.5

    LOW
    CVE-2013-5791

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous informatio... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %25.22
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2015-4878

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-201... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.27
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291258 Results