Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.7

    LOW
    CVE-2024-21210

    Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via... Read more

    Affected Products : jdk jre java_se
    • Published: Oct. 15, 2024
    • Modified: Jun. 18, 2025

  • 3.7

    LOW
    CVE-2023-22049

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle G... Read more

    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2023-22036

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edi... Read more

    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2007-1742

    suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using ... Read more

    Affected Products : http_server
    • Published: Apr. 13, 2007
    • Modified: Apr. 09, 2025

  • 3.7

    LOW
    CVE-2006-4393

    Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users.... Read more

    Affected Products : mac_os_x
    • Published: Oct. 03, 2006
    • Modified: Apr. 09, 2025

  • 3.7

    LOW
    CVE-2000-0578

    SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.... Read more

    Affected Products : mipspro_compilers
    • Published: Jun. 21, 2000
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2023-22051

    Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: GraalVM Compiler). Supported versions that are affected are Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17... Read more

    Affected Products : graalvm graalvm_for_jdk
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2000-0579

    IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.... Read more

    Affected Products : irix
    • Published: Jun. 21, 2000
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2023-21938

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 2... Read more

    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2023-22025

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.... Read more

    • Published: Oct. 17, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2023-22044

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise ... Read more

    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2023-22045

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle Gra... Read more

    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-21208

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Or... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Oct. 15, 2024
    • Modified: Jun. 18, 2025

  • 3.7

    LOW
    CVE-2024-2606

    Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.... Read more

    Affected Products : firefox
    • Published: Mar. 19, 2024
    • Modified: Apr. 01, 2025

  • 3.7

    LOW
    CVE-2023-31124

    c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could a... Read more

    Affected Products : fedora c-ares c-ares
    • Published: May. 25, 2023
    • Modified: Feb. 13, 2025

  • 3.7

    LOW
    CVE-2023-32251

    A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of async... Read more

    Affected Products : linux_kernel
    • Published: Jul. 31, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 3.7

    LOW
    CVE-2023-28322

    An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the s... Read more

    • Published: May. 26, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2005-0988

    Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after t... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2023-34401

    Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-o... Read more

    • Published: Feb. 13, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 3.7

    LOW
    CVE-2024-43944

    Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect Animation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maintenance & Coming Soon Redirect Animation: from n/a through 2.1.3.... Read more

    Affected Products :
    • Published: Aug. 29, 2024
    • Modified: Aug. 30, 2024
Showing 20 of 294505 Results