Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2016-6564

    Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This ... Read more

    • Published: Jul. 13, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-21965

    A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigge... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-6742

    An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first re... Read more

    Affected Products : android
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-30354

    Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted P... Read more

    Affected Products : kindle_firmware kindle
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-3990

    An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and... Read more

    Affected Products : windows wibukey
    • Published: Feb. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-11210

    Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking... Read more

    • Published: Apr. 07, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-17106

    HEVC Video Extensions Remote Code Execution Vulnerability... Read more

    Affected Products : hevc_video_extensions
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1585

    A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for ... Read more

    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-22727

    A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user�s local machine when the user clicks a specially crafted... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-30317

    Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industr... Read more

    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-35122

    Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl... Read more

    • Published: Sep. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-23677

    A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.... Read more

    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37583

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-25090

    Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.... Read more

    Affected Products : printix
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-27185

    A denial of service vulnerability exists in the confctl_set_master_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.... Read more

    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-2028

    In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0... Read more

    Affected Products : android
    • Published: Apr. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38099

    CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of th... Read more

    Affected Products : photopaint_2020
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-6820

    Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors.... Read more

    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2022-31540

    The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : hin-eng-preprocessing
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-31544

    The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : robo-tom
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results