Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.9

    LOW
    CVE-2022-21317

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2022-21319

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2022-21311

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2022-21312

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2022-21313

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2022-21325

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • EPSS Score: %0.32
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2025-46416

    The Nix, Lix, and Guix package managers allow a bypass of build isolation in which a user can elevate their privileges to the build user account (e.g., nixbld or guixbuild). This affects Nix through 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix through 2.91.2,... Read more

    Affected Products : nix
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Authorization

  • 2.9

    LOW
    CVE-2014-5171

    SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.... Read more

    • EPSS Score: %0.40
    • Published: Jul. 31, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2014-0905

    IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.... Read more

    Affected Products : infosphere_biginsights
    • EPSS Score: %0.11
    • Published: Aug. 17, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2012-2286

    Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors.... Read more

    • EPSS Score: %0.13
    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2025-47774

    Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the `slice()` builtin can elide side effects when the output length is 0, and the source bytestring is a builtin (`msg.data` or `<addres... Read more

    Affected Products : vyper
    • Published: May. 15, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2025-48755

    In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST (zero-sized type).... Read more

    Affected Products :
    • Published: May. 24, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2013-1582

    The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop... Read more

    Affected Products : wireshark
    • EPSS Score: %0.29
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1580

    The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a d... Read more

    Affected Products : wireshark
    • EPSS Score: %0.23
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2014-6381

    Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a den... Read more

    • EPSS Score: %0.20
    • Published: Dec. 12, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2025-47736

    dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8.... Read more

    Affected Products :
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 2.9

    LOW
    CVE-2024-40640

    vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This ... Read more

    Affected Products :
    • Published: Jul. 17, 2024
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2025-43965

    In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.... Read more

    Affected Products : imagemagick
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2012-4454

    openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.... Read more

    Affected Products : opencryptoki
    • EPSS Score: %0.53
    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2007-2037

    Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.... Read more

    • EPSS Score: %0.58
    • Published: Apr. 16, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291265 Results