Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.2

    LOW
    CVE-2024-23843

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Genians Genian NAC V5.0, Genians Genian NAC LTS V5.0.This issue affects Genian NAC V5.0: from V5.0.0 through V5.0.60; Genian NAC LTS V5.0: from 5.0.0 LTS... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Oct. 28, 2024

  • 2.2

    LOW
    CVE-2025-47823

    Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system.... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 2.2

    LOW
    CVE-2025-47818

    Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection.... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Misconfiguration

  • 2.2

    LOW
    CVE-2025-47821

    Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system.... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Authentication

  • 2.1

    LOW
    CVE-2025-46553

    @misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, i... Read more

    Affected Products :
    • Published: May. 05, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 2.1

    LOW
    CVE-2025-30371

    Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to circumvention of local link access protection in GeoJson endpoint. Self hosted Metabase instances that are us... Read more

    Affected Products : metabase
    • Published: Mar. 28, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 2.1

    LOW
    CVE-2024-53698

    A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2024-38638

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2025-27726

    Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product'... Read more

    Affected Products :
    • Published: Mar. 28, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Path Traversal

  • 2.1

    LOW
    CVE-2024-53699

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2024-53697

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2005-2586

    Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.... Read more

    Affected Products : adslfr4ii
    • EPSS Score: %0.07
    • Published: Aug. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1405

    HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.... Read more

    Affected Products : lotus_notes
    • EPSS Score: %0.08
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-2978

    Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CV... Read more

    Affected Products : cognos_business_intelligence
    • EPSS Score: %0.26
    • Published: Aug. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-0464

    Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.... Read more

    Affected Products : tripwire
    • EPSS Score: %0.08
    • Published: Jan. 04, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1205

    nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.32
    • Published: Jun. 07, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-1393

    Cross-site scripting (XSS) vulnerability in the CurvyCorners module 6.x-1.x and 7.x-1.x for Drupal allows remote authenticated users with the "administer curvycorners" permission to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal curvycorners
    • EPSS Score: %0.47
    • Published: Jun. 20, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2003-1289

    The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies addit... Read more

    Affected Products : freebsd netbsd
    • EPSS Score: %0.08
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0729

    FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-6110

    bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.... Read more

    Affected Products : bcron_exec
    • EPSS Score: %0.07
    • Published: Sep. 29, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291794 Results