Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.2

    LOW
    CVE-2020-25743

    hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.... Read more

    • Published: Oct. 06, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2010-2383

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.... Read more

    Affected Products : solaris opensolaris
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2010-2376

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.... Read more

    Affected Products : solaris
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2010-3508

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones.... Read more

    Affected Products : solaris
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2007-0282

    Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02.... Read more

    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 3.2

    LOW
    CVE-2013-5883

    Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2014-6588

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than... Read more

    Affected Products : opensuse vm_virtualbox
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 3.2

    LOW
    CVE-2020-25084

    QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.... Read more

    Affected Products : debian_linux qemu
    • Published: Sep. 25, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2024-30127

    Missing "no cache" headers in HCL Leap permits sensitive data to be cached.... Read more

    Affected Products :
    • Published: Apr. 24, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2023-37516

    Missing "no cache" headers in HCL Leap permits user directory information to be cached.... Read more

    Affected Products :
    • Published: Apr. 24, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2025-48931

    The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.... Read more

    Affected Products : telemessage
    • Published: May. 28, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cryptography

  • 3.2

    LOW
    CVE-2025-29431

    Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.... Read more

    • Published: Mar. 17, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.2

    LOW
    CVE-2021-25332

    Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition.... Read more

    Affected Products : pay_mini
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-54956

    The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.... Read more

    Affected Products :
    • Published: Aug. 03, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Information Disclosure

  • 3.2

    LOW
    CVE-2025-52991

    The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially l... Read more

    Affected Products : nix
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 3.2

    LOW
    CVE-2013-1923

    rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks.... Read more

    Affected Products : nfs-utils
    • Published: Jan. 21, 2014
    • Modified: Apr. 11, 2025

  • 3.2

    LOW
    CVE-2021-20203

    An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash th... Read more

    Affected Products : fedora debian_linux qemu
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2025-0036

    In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.... Read more

    Affected Products :
    • Published: Jun. 10, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Cryptography

  • 3.2

    LOW
    CVE-2018-1725

    IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440.... Read more

    • Published: Nov. 05, 2020
    • Modified: Nov. 21, 2024

  • 3.2

    LOW
    CVE-2024-36331

    Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 294072 Results