Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.0

    LOW
    CVE-2023-6950

    An Improper Input Validation vulnerability affecting the FTP service running on the DJI Mavic Mini 3 Pro could allow an attacker to craft a malicious packet containing a malformed path provided to the FTP SIZE command that leads to a denial-of-service att... Read more

    Affected Products :
    • Published: Apr. 02, 2024
    • Modified: Nov. 21, 2024

  • 3.0

    LOW
    CVE-2021-34396

    Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 3.0

    LOW
    CVE-2024-42350

    Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority.... Read more

    Affected Products :
    • Published: Aug. 05, 2024
    • Modified: Aug. 06, 2024

  • 3.0

    LOW
    CVE-2025-52136

    In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability... Read more

    Affected Products : emqx
    • Published: Aug. 10, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authentication

  • 3.0

    LOW
    CVE-2025-42990

    Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML code into a webpage, with the goal of redirecting users to the attacker controlled URL. This issue could impact the integrity of the application. Confidential... Read more

    Affected Products :
    • Published: Jun. 10, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.0

    LOW
    CVE-2010-2378

    Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite CRM 9.0 Bundle #28 and CRM 9.1 Bundle #4 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2024-24901

    Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.... Read more

    Affected Products : powerscale_onefs
    • Published: Mar. 04, 2024
    • Modified: Jan. 08, 2025

  • 3.0

    LOW
    CVE-2010-2374

    Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : solaris_studio
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2012-0114

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : mysql mysql
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1588

    Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application cras... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1587

    The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malf... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1573

    The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of ser... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1584

    The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service ... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2023-26819

    cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}.... Read more

    Affected Products : cjson
    • Published: Apr. 19, 2025
    • Modified: Jun. 25, 2025

  • 2.9

    LOW
    CVE-2012-1820

    The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF... Read more

    Affected Products : quagga
    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1590

    Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2013-1578

    The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to caus... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2012-0042

    Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to... Read more

    Affected Products : enterprise_linux wireshark
    • Published: Apr. 11, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2015-4961

    IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 does not encrypt connections betwee... Read more

    Affected Products : tealeaf_customer_experience
    • Published: Nov. 24, 2016
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2025-27400

    Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Versions prior to 20.12.3 and 20.13.0 contain a vulnerabil... Read more

    Affected Products : magento
    • Published: Feb. 28, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 293352 Results