Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2016-3910

    services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546.... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3911

    core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3913

    media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows attacke... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3915

    camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 305918... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3931

    drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29157595 and Qualc... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3932

    mediaserver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 29161895 and MediaTek internal bug ALPS02770870.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3934

    drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers to gai... Read more

    Affected Products : android
    • EPSS Score: %0.08
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3936

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3938

    drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30019716 an... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6672

    The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6673

    The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6675

    Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application ... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6676

    Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0853

    svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$(xeyes).... Read more

    Affected Products : svn-workbench
    • EPSS Score: %1.67
    • Published: Sep. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-6432

    A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in t... Read more

    • EPSS Score: %4.74
    • Published: Oct. 27, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2025-32643

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM allows Blind SQL Injection. This issue affects WPGYM: from n/a through 65.0.... Read more

    Affected Products :
    • Published: May. 16, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-25037

    An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST re... Read more

    Affected Products :
    • Published: Jun. 20, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Information Disclosure

  • 9.3

    CRITICAL
    CVE-2025-6513

    Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.... Read more

    Affected Products :
    • Published: Jun. 23, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Information Disclosure

  • 9.3

    CRITICAL
    CVE-2025-4383

    Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass.This issue affects Wi-Fi Cloud Hotspot: before 3... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Authentication

  • 9.3

    CRITICAL
    CVE-2025-2566

    Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server.... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 291717 Results