Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.8

    LOW
    CVE-2018-2831

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2022-21487

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2013-6219

    Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors.... Read more

    Affected Products : hp-ux hp-ux_whitelisting
    • Published: Apr. 19, 2014
    • Modified: Apr. 12, 2025

  • 3.8

    LOW
    CVE-2013-1530

    Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 3.8

    LOW
    CVE-2024-4028

    A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.... Read more

    Affected Products : keycloak build_of_keycloak
    • Published: Feb. 18, 2025
    • Modified: Feb. 18, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.8

    LOW
    CVE-2025-6943

    Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.... Read more

    Affected Products : secret_server
    • Published: Jul. 02, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Authorization

  • 3.8

    LOW
    CVE-2024-31144

    For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The metadata ... Read more

    Affected Products : xen
    • Published: Feb. 14, 2025
    • Modified: Apr. 26, 2025
    • Vuln Type: Misconfiguration

  • 3.8

    LOW
    CVE-2024-6156

    Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.... Read more

    Affected Products : lxd
    • Published: Dec. 06, 2024
    • Modified: Aug. 26, 2025

  • 3.8

    LOW
    CVE-2025-25878

    A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data.... Read more

    Affected Products : simple_chatbox
    • Published: Feb. 21, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 3.8

    LOW
    CVE-2024-0173

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.... Read more

    • Published: Mar. 13, 2024
    • Modified: Jan. 31, 2025

  • 3.8

    LOW
    CVE-2023-27300

    Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : thunderbolt_dch_driver
    • Published: Feb. 14, 2024
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2022-24886

    Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions prior to 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Cont... Read more

    Affected Products : nextcloud_server nextcloud notes
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2024-0154

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.... Read more

    • Published: Mar. 13, 2024
    • Modified: Jan. 31, 2025

  • 3.8

    LOW
    CVE-2023-21889

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2023-21988

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2023-21885

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2010-2393

    Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to RPC.... Read more

    Affected Products : solaris opensolaris
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.8

    LOW
    CVE-2024-39157

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1.... Read more

    Affected Products : idccms idccms
    • Published: Jun. 27, 2024
    • Modified: Apr. 15, 2025

  • 3.8

    LOW
    CVE-2023-42419

    Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could po... Read more

    Affected Products :
    • Published: Mar. 05, 2024
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2024-34218

    TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.... Read more

    Affected Products : cp450_firmware cp450
    • Published: May. 14, 2024
    • Modified: Apr. 04, 2025
Showing 20 of 294330 Results