Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2016-0437

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-... Read more

    Affected Products : retail_applications
    • EPSS Score: %0.28
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2016-0434

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0436, CVE-... Read more

    Affected Products : retail_applications
    • EPSS Score: %0.28
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-2619

    Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."... Read more

    Affected Products : xenserver
    • EPSS Score: %0.09
    • Published: Jul. 02, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2015-4808

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, ... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.12
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-5292

    Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job.... Read more

    Affected Products : amberdms_billing_system
    • EPSS Score: %0.06
    • Published: Jan. 10, 2014
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2023-20518

    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Nov. 05, 2024

  • 1.9

    LOW
    CVE-2013-0122

    The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zer... Read more

    Affected Products : avast\!_mobile_security
    • EPSS Score: %0.07
    • Published: Apr. 22, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-0534

    The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within pr... Read more

    • EPSS Score: %0.05
    • Published: Jun. 21, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2008-3876

    Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a ... Read more

    Affected Products : iphone
    • EPSS Score: %0.06
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2014-5232

    The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state.... Read more

    • EPSS Score: %0.05
    • Published: Jan. 14, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2005-1488

    Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) the E-mail address, Note, or Public Certificate fields to address.ht... Read more

    Affected Products : web_mail mail_server
    • EPSS Score: %0.05
    • Published: May. 11, 2005
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2014-0974

    The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value,... Read more

    Affected Products : little_kernel_bootloader
    • EPSS Score: %0.06
    • Published: Aug. 25, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2011-2267

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.57
    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3541

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.47
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3692

    NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step.... Read more

    Affected Products : enterprise_messenger_server
    • EPSS Score: %0.06
    • Published: Sep. 27, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2015-2534

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more

    • EPSS Score: %0.60
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-2580

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more

    Affected Products : solaris
    • EPSS Score: %0.22
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2009-1296

    The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are on... Read more

    Affected Products : ubuntu 73-oubuntu
    • EPSS Score: %0.07
    • Published: Jun. 09, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2009-2490

    Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "... Read more

    Affected Products : ray_server_software
    • EPSS Score: %0.06
    • Published: Jul. 16, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2010-1650

    IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements that print string representations of unspecified objects,... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.07
    • Published: May. 03, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291773 Results