Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.2

    LOW
    CVE-2014-7251

    XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.... Read more

    Affected Products : fast\/tools
    • EPSS Score: %0.08
    • Published: Dec. 06, 2014
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2021-36170

    An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.... Read more

    Affected Products : fortimanager fortianalyzer
    • EPSS Score: %0.05
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2022-29816

    In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible... Read more

    Affected Products : intellij_idea
    • EPSS Score: %0.00
    • Published: Apr. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2013-2192

    The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sen... Read more

    Affected Products : hadoop
    • EPSS Score: %0.11
    • Published: Jan. 24, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2013-5883

    Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.07
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2012-0524

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows local users to affect confidentiality and integrity via unknown vectors related to File Processing.... Read more

    Affected Products : peoplesoft_products
    • EPSS Score: %0.20
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2010-2384

    Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.... Read more

    Affected Products : solaris
    • EPSS Score: %0.19
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2011-4160

    Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.... Read more

    • EPSS Score: %0.05
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2023-26442

    In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. An attacker with access to a local or restricted network with the capability to intercept and replay HTTP requests to sprox... Read more

    • EPSS Score: %0.04
    • Published: Aug. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2021-3392

    A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw al... Read more

    Affected Products : fedora debian_linux qemu
    • EPSS Score: %0.02
    • Published: Mar. 23, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2006-1014

    Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create ar... Read more

    Affected Products : php
    • EPSS Score: %2.03
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 3.2

    LOW
    CVE-2021-25333

    Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.... Read more

    Affected Products : pay_mini
    • EPSS Score: %0.07
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-29431

    Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.... Read more

    • Published: Mar. 17, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.2

    LOW
    CVE-2010-2382

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : solaris
    • EPSS Score: %0.19
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2023-20573

    A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. ... Read more

    • EPSS Score: %0.09
    • Published: Jan. 11, 2024
    • Modified: Jun. 20, 2025

  • 3.2

    LOW
    CVE-2013-0343

    The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and a... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.38
    • Published: Feb. 28, 2013
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2020-14394

    An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of servi... Read more

    • EPSS Score: %0.01
    • Published: Aug. 17, 2022
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-25741

    fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.... Read more

    Affected Products : qemu
    • EPSS Score: %0.18
    • Published: Oct. 02, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2020-2748

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker wi... Read more

    Affected Products : leap vm_virtualbox
    • EPSS Score: %0.13
    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-46394

    In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.... Read more

    Affected Products : busybox
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291784 Results