Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.7

    LOW
    CVE-2025-55202

    Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7, the protections against path traversal attacks in the UI config module are insufficient, still partially a... Read more

    Affected Products : opencast
    • Published: Aug. 29, 2025
    • Modified: Aug. 29, 2025
    • Vuln Type: Path Traversal

  • 2.7

    LOW
    CVE-2024-29947

    There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. ... Read more

    Affected Products :
    • Published: Apr. 02, 2024
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2023-21874

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr... Read more

    Affected Products : mysql mysql_server
    • EPSS Score: %0.04
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2025-2988

    IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.... Read more

    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Information Disclosure

  • 2.7

    LOW
    CVE-2025-46777

    A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secre... Read more

    Affected Products : fortiportal
    • Published: May. 28, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Information Disclosure

  • 2.7

    LOW
    CVE-2025-48370

    auth-js is an isomorphic Javascript library for Supabase Auth. Prior to version 2.69.1, the library functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require the user supplied values to be valid UUIDs. This could lead... Read more

    Affected Products :
    • Published: May. 27, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Path Traversal

  • 2.7

    LOW
    CVE-2024-47190

    Northern.tech Hosted Mender before 2024.07.11 allows SSRF.... Read more

    Affected Products :
    • Published: Nov. 08, 2024
    • Modified: Nov. 08, 2024

  • 2.7

    LOW
    CVE-2025-50098

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql mysql_server
    • Published: Jul. 15, 2025
    • Modified: Jul. 17, 2025
    • Vuln Type: Denial of Service

  • 2.7

    LOW
    CVE-2023-22038

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multi... Read more

    • EPSS Score: %0.07
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2023-45809

    Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rul... Read more

    Affected Products : wagtail wagtail
    • EPSS Score: %0.21
    • Published: Oct. 19, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2023-37361

    REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization.... Read more

    Affected Products : redcap
    • EPSS Score: %0.05
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2024-41156

    Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users wit... Read more

    • Published: Oct. 29, 2024
    • Modified: Dec. 05, 2024

  • 2.7

    LOW
    CVE-2024-20912

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle ... Read more

    Affected Products : audit_vault_and_database_firewall
    • EPSS Score: %0.18
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 2.7

    LOW
    CVE-2024-47577

    Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information disclosure vulnerability. When an authorized agent searches for customer to manage their accounts, the request url includes customer data and it is recorded in ... Read more

    Affected Products : commerce_cloud
    • Published: Dec. 10, 2024
    • Modified: Dec. 10, 2024

  • 2.7

    LOW
    CVE-2023-37833

    Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users.... Read more

    Affected Products : etg150_firmware etg150
    • EPSS Score: %0.05
    • Published: Oct. 31, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2023-3587

    Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions. ... Read more

    Affected Products : mattermost_server mattermost
    • EPSS Score: %0.06
    • Published: Jul. 17, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2023-32114

    SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server una... Read more

    Affected Products : netweaver
    • EPSS Score: %0.06
    • Published: Jun. 13, 2023
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2022-36168

    A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app/attachment/admin/index.php:... Read more

    Affected Products : wuzhicms
    • EPSS Score: %0.45
    • Published: Aug. 26, 2022
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2022-2556

    The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high privilege users to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it c... Read more

    Affected Products : mailchimp_for_woocommerce
    • EPSS Score: %0.34
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 2.7

    LOW
    CVE-2022-3710

    A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA.... Read more

    • EPSS Score: %0.22
    • Published: Dec. 01, 2022
    • Modified: Apr. 23, 2025
Showing 20 of 291784 Results