Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.7

    LOW
    CVE-2024-21210

    Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via... Read more

    Affected Products : jdk jre java_se
    • Published: Oct. 15, 2024
    • Modified: Jun. 18, 2025

  • 3.7

    LOW
    CVE-2014-0476

    The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.... Read more

    Affected Products : ubuntu_linux chkrootkit
    • Published: Oct. 25, 2014
    • Modified: Apr. 12, 2025

  • 3.7

    LOW
    CVE-2000-1162

    ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.... Read more

    Affected Products : ghostscript
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2011-0812

    Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2006-1542

    Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has... Read more

    Affected Products : python
    • Published: Mar. 30, 2006
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2023-38546

    This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for s... Read more

    Affected Products : curl libcurl
    • Published: Oct. 18, 2023
    • Modified: Feb. 13, 2025

  • 3.7

    LOW
    CVE-2024-11856

    A security vulnerability in HPE IceWall products could be exploited remotely to cause Unauthorized Data Modification.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 3.7

    LOW
    CVE-2024-21131

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; O... Read more

    • Published: Jul. 16, 2024
    • Modified: Dec. 05, 2024

  • 3.7

    LOW
    CVE-2012-2693

    libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access uni... Read more

    Affected Products : libvirt
    • Published: Jun. 17, 2012
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2024-21012

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JD... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 21, 2025

  • 3.7

    LOW
    CVE-2024-21671

    The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in... Read more

    Affected Products : vantage6
    • Published: Jan. 30, 2024
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-21098

    Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.... Read more

    Affected Products : graalvm graalvm_for_jdk
    • Published: Apr. 16, 2024
    • Modified: Dec. 06, 2024

  • 3.7

    LOW
    CVE-2010-1323

    MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution... Read more

    Affected Products : kerberos_5 kerberos
    • Published: Dec. 02, 2010
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2023-21937

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: ... Read more

    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2011-2300

    Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 through 4.0.8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows.... Read more

    Affected Products : vm_virtualbox
    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 3.7

    LOW
    CVE-2023-41335

    Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—... Read more

    Affected Products : fedora synapse
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.7

    LOW
    CVE-2024-42174

    HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore compile a list of valid usernames.... Read more

    Affected Products : dryice_myxalytics
    • Published: Jan. 11, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authentication

  • 3.7

    LOW
    CVE-2024-10106

    A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.... Read more

    Affected Products : emberznet emberznet_sdk
    • Published: Jan. 09, 2025
    • Modified: Jan. 09, 2025
    • Vuln Type: Memory Corruption

  • 3.7

    LOW
    CVE-2025-54352

    WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.... Read more

    Affected Products : wordpress
    • Published: Jul. 21, 2025
    • Modified: Jul. 22, 2025
    • Vuln Type: Information Disclosure

  • 3.7

    LOW
    CVE-2025-48946

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. liboqs prior to version 0.13.0 supports the HQC algorithm, an algorithm with a theoretical design flaw which leads to large numbers of malf... Read more

    Affected Products : liboqs
    • Published: May. 30, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Cryptography
Showing 20 of 294513 Results