Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.0

    LOW
    CVE-2011-0821

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2010-3506

    Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : sun_products_suite
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2010-2374

    Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : solaris_studio
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2024-20910

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracl... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 3.0

    LOW
    CVE-2012-0114

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : mysql mysql
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 3.0

    LOW
    CVE-2016-4534

    The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.... Read more

    Affected Products : virusscan_enterprise windows
    • Published: May. 05, 2016
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2016-3485

    Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.... Read more

    Affected Products : jdk jre jrockit
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2025-46656

    python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes memory consumption.... Read more

    Affected Products : markdownify
    • Published: Apr. 26, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2025-27576

    Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service

  • 2.9

    LOW
    CVE-2013-3984

    The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission w... Read more

    Affected Products : sametime sametime_meeting_server
    • Published: May. 26, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2024-28607

    The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value.... Read more

    Affected Products :
    • Published: Mar. 11, 2025
    • Modified: Mar. 11, 2025
    • Vuln Type: Server-Side Request Forgery

  • 2.9

    LOW
    CVE-2023-26819

    cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}.... Read more

    Affected Products : cjson
    • Published: Apr. 19, 2025
    • Modified: Jun. 25, 2025

  • 2.9

    LOW
    CVE-2013-1575

    The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of ... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2014-2568

    Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operat... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Mar. 24, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2014-6381

    Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a den... Read more

    • Published: Dec. 12, 2014
    • Modified: Apr. 12, 2025

  • 2.9

    LOW
    CVE-2025-46393

    In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).... Read more

    Affected Products : imagemagick
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 2.9

    LOW
    CVE-2013-1579

    The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to ... Read more

    Affected Products : wireshark
    • Published: Feb. 03, 2013
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2022-21485

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024

  • 2.9

    LOW
    CVE-2012-2422

    Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.... Read more

    Affected Products : quickbooks
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 2.9

    LOW
    CVE-2022-21486

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high pr... Read more

    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293639 Results