Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.7

    LOW
    CVE-2025-3416

    A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input a... Read more

    Affected Products :
    • Published: Apr. 08, 2025
    • Modified: Apr. 09, 2025
    • Vuln Type: Memory Corruption

  • 3.7

    LOW
    CVE-2013-5710

    The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.... Read more

    Affected Products : freebsd
    • Published: Sep. 23, 2013
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2025-31961

    HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.... Read more

    Affected Products : connections
    • Published: Aug. 15, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authorization

  • 3.7

    LOW
    CVE-2025-51586

    An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature.... Read more

    Affected Products : prestashop
    • Published: Sep. 08, 2025
    • Modified: Sep. 09, 2025
    • Vuln Type: Information Disclosure

  • 3.7

    LOW
    CVE-2024-2482

    A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /check_availability.php of the component HTTP POST Request Handler. The m... Read more

    Affected Products : hostel_management_system
    • Published: Mar. 15, 2024
    • Modified: Jan. 23, 2025

  • 3.7

    LOW
    CVE-2021-41136

    Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request throu... Read more

    Affected Products : debian_linux puma
    • Published: Oct. 12, 2021
    • Modified: May. 27, 2025

  • 3.7

    LOW
    CVE-2010-4450

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows l... Read more

    Affected Products : jre sdk jdk
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2013-5147

    Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card.... Read more

    Affected Products : iphone_os
    • Published: Sep. 19, 2013
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2007-0775

    Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execut... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Feb. 26, 2007
    • Modified: Apr. 09, 2025

  • 3.7

    LOW
    CVE-2021-43980

    The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18... Read more

    Affected Products : debian_linux tomcat
    • Published: Sep. 28, 2022
    • Modified: May. 21, 2025

  • 3.7

    LOW
    CVE-2013-0404

    Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Boot.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2021-21416

    django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration prior to 3.1.2, the base user-account regist... Read more

    Affected Products : django-registration
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2006-2452

    GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional priv... Read more

    Affected Products : gdm
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2024-7883

    When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first us... Read more

    Affected Products :
    • Published: Oct. 31, 2024
    • Modified: Nov. 01, 2024

  • 3.7

    LOW
    CVE-2012-0133

    HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card.... Read more

    • Published: Apr. 12, 2012
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2024-21211

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Orac... Read more

    • Published: Oct. 15, 2024
    • Modified: Jun. 23, 2025

  • 3.7

    LOW
    CVE-2013-7347

    Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2012-335... Read more

    Affected Products : enterprise_linux conga
    • Published: Mar. 31, 2014
    • Modified: Apr. 12, 2025

  • 3.7

    LOW
    CVE-2024-42188

    HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024

  • 3.7

    LOW
    CVE-2024-40632

    Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could potentially trigger a denial-of-service (DoS) attack by making requ... Read more

    Affected Products :
    • Published: Jul. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-3302

    There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Apr. 16, 2024
    • Modified: Apr. 01, 2025
Showing 20 of 293179 Results