Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.7

    MEDIUM
    CVE-2020-7296

    Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.

    Affected Products : web_gateway mcafee_web_gateway
    • Published: Sep. 15, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2020-6923

    The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow.

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024
  • 5.7

    MEDIUM
    CVE-2025-25184

    Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-conce...

    Affected Products : rack rack
    • Published: Feb. 12, 2025
    • Modified: Feb. 14, 2025
    • Vuln Type: Information Disclosure
  • 5.7

    MEDIUM
    CVE-2020-6315

    SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer, leading to Information Disclosur...

    Affected Products : 3d_visual_enterprise_viewer
    • Published: Oct. 20, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-35263

    Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

    Affected Products : dynamics_365
    • Published: Jun. 11, 2024
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-34034

    An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service (DoS) attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component.

    Affected Products :
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service
  • 5.7

    MEDIUM
    CVE-2024-33876

    HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c.

    Affected Products : hdf5
    • Published: May. 14, 2024
    • Modified: Apr. 18, 2025
  • 5.7

    MEDIUM
    CVE-2024-33772

    A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime."

    Affected Products : dir-619l_firmware dir-619l
    • Published: May. 14, 2024
    • Modified: May. 21, 2025
  • 5.7

    MEDIUM
    CVE-2024-33607

    Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access.

    Affected Products : tdx_module_software tdx_module
    • Published: Aug. 12, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Information Disclosure
  • 5.7

    MEDIUM
    CVE-2024-32931

    Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.

    Affected Products : exacqvision_web_service
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024
  • 5.7

    MEDIUM
    CVE-2018-18358

    Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file.

    • Published: Dec. 11, 2018
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-32606

    HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c).

    Affected Products : hdf5
    • Published: May. 14, 2024
    • Modified: Apr. 18, 2025
  • 5.7

    MEDIUM
    CVE-2024-32610

    HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.

    Affected Products : hdf5
    • Published: May. 14, 2024
    • Modified: Apr. 18, 2025
  • 5.7

    MEDIUM
    CVE-2015-0632

    Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770.

    Affected Products : ios_xe ios
    • Published: Feb. 27, 2015
    • Modified: Apr. 12, 2025
  • 5.7

    MEDIUM
    CVE-2015-0578

    Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay is configured, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets on the local network, aka Bug ID CSCur45455.

    • Published: Jan. 14, 2015
    • Modified: Apr. 12, 2025
  • 5.7

    MEDIUM
    • Published: Jan. 09, 2024
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2020-4048

    In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the previ...

    Affected Products : fedora debian_linux wordpress
    • Published: Jun. 12, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-30118

    HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data.

    Affected Products : connections
    • Published: Oct. 09, 2024
    • Modified: Oct. 10, 2024
  • 5.7

    MEDIUM
    CVE-2020-3537

    A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability b...

    Affected Products : jabber
    • Published: Sep. 04, 2020
    • Modified: Nov. 21, 2024
  • 5.7

    MEDIUM
    CVE-2024-2101

    The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin ...

    Affected Products : salon_booking_system
    • Published: Apr. 17, 2024
    • Modified: Apr. 14, 2025
Showing 20 of 294742 Results