Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.7

    LOW
    CVE-2021-21416

    django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration prior to 3.1.2, the base user-account regist... Read more

    Affected Products : django-registration
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2012-3128

    Unspecified vulnerability in Oracle SPARC T-Series Servers running System Firmware 8.2.0 and 8.1.4.e or earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Integrated Lights Out Manager.... Read more

    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2023-6467

    A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement ... Read more

    Affected Products : icecms
    • Published: Dec. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-7883

    When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first us... Read more

    Affected Products :
    • Published: Oct. 31, 2024
    • Modified: Nov. 01, 2024

  • 3.7

    LOW
    CVE-2024-20954

    Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.... Read more

    Affected Products : graalvm graalvm_for_jdk
    • Published: Apr. 16, 2024
    • Modified: Dec. 06, 2024

  • 3.7

    LOW
    CVE-2024-21068

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle Graal... Read more

    • Published: Apr. 16, 2024
    • Modified: Dec. 06, 2024

  • 3.7

    LOW
    CVE-2024-21094

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracl... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 21, 2025

  • 3.7

    LOW
    CVE-2023-41335

    Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—... Read more

    Affected Products : fedora synapse
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2022-23292

    Microsoft Power BI Spoofing Vulnerability... Read more

    Affected Products : on-premises_data_gateway
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-30480

    Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through 1.2.... Read more

    Affected Products :
    • Published: May. 17, 2024
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2023-28168

    Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through 0.3.9.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 3.7

    LOW
    CVE-2000-1162

    ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.... Read more

    Affected Products : ghostscript
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2023-3803

    A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation... Read more

    • Published: Jul. 21, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-45453

    Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maintenance Redirect: from n/a through 2.0.1.... Read more

    Affected Products :
    • Published: Sep. 23, 2024
    • Modified: Sep. 26, 2024

  • 3.7

    LOW
    CVE-2024-32708

    Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1.... Read more

    Affected Products : maintenance_mode
    • Published: May. 17, 2024
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-20955

    Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 2... Read more

    Affected Products : graalvm graalvm_for_jdk
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 3.7

    LOW
    CVE-2023-33855

    Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack.... Read more

    • Published: Mar. 26, 2024
    • Modified: Jul. 25, 2025

  • 3.7

    LOW
    CVE-2023-23985

    Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4. ... Read more

    Affected Products : quiz_maker
    • Published: Apr. 24, 2024
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-43173

    IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.... Read more

    Affected Products : concert
    • Published: Oct. 22, 2024
    • Modified: Oct. 25, 2024

  • 3.7

    LOW
    CVE-2024-56339

    IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass security restrictions caused by a failure to honor security configuration.... Read more

    Affected Products : websphere_application_server
    • Published: Aug. 07, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293521 Results