Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-42872

    The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data.... Read more

    Affected Products : macos iphone_os safari ipados
    • EPSS Score: %0.06
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 8.8

    HIGH
    CVE-2023-42866

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • EPSS Score: %0.36
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-42831

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to fingerprint the user.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 7.8

    HIGH
    CVE-2023-42828

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.5. An app may be able to gain root privileges.... Read more

    Affected Products : macos
    • EPSS Score: %0.13
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 2.4

    LOW
    CVE-2023-40529

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.12
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-40437

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.07
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-40433

    A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks.... Read more

    Affected Products : macos
    • EPSS Score: %0.02
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 9.6

    CRITICAL
    CVE-2023-39336

    An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under speci... Read more

    Affected Products : endpoint_manager
    • EPSS Score: %0.88
    • Published: Jan. 09, 2024
    • Modified: Jun. 03, 2025

  • 6.1

    MEDIUM
    CVE-2023-38827

    Cross Site Scripting vulnerability in Follet School Solutions Destiny v.20_0_1_AU4 and later allows a remote attacker to run arbitrary code via presentonesearchresultsform.do.... Read more

    Affected Products : solutions_destiny
    • EPSS Score: %0.12
    • Published: Jan. 09, 2024
    • Modified: Jun. 03, 2025

  • 3.3

    LOW
    CVE-2023-38612

    The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-38607

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings.... Read more

    Affected Products : macos
    • EPSS Score: %0.10
    • Published: Jan. 10, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-37644

    SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.09
    • Published: Jan. 11, 2024
    • Modified: Jun. 03, 2025

  • 7.5

    HIGH
    CVE-2023-37608

    An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password.... Read more

    • EPSS Score: %0.07
    • Published: Jan. 03, 2024
    • Modified: Jun. 03, 2025

  • 7.5

    HIGH
    CVE-2023-37607

    Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter.... Read more

    • EPSS Score: %0.19
    • Published: Jan. 03, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-34328

    [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unf... Read more

    Affected Products : xen
    • EPSS Score: %0.08
    • Published: Jan. 05, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-34327

    [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unf... Read more

    Affected Products : xen
    • EPSS Score: %0.08
    • Published: Jan. 05, 2024
    • Modified: Jun. 03, 2025

  • 7.5

    HIGH
    CVE-2023-32886

    In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +37 more products
    • EPSS Score: %1.08
    • Published: Jan. 02, 2024
    • Modified: Jun. 03, 2025

  • 6.7

    MEDIUM
    CVE-2023-32884

    In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; I... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +50 more products
    • EPSS Score: %0.01
    • Published: Jan. 02, 2024
    • Modified: Jun. 03, 2025

  • 6.7

    MEDIUM
    CVE-2023-32883

    In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6853t mt6855 +47 more products
    • EPSS Score: %0.01
    • Published: Jan. 02, 2024
    • Modified: Jun. 03, 2025

  • 4.4

    MEDIUM
    CVE-2023-32876

    In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issu... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6853t mt6855 +48 more products
    • EPSS Score: %0.01
    • Published: Jan. 02, 2024
    • Modified: Jun. 03, 2025
Showing 20 of 292247 Results