Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.5

    LOW
    CVE-2018-20942

    cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).... Read more

    Affected Products : cpanel
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2023-2197

    HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be ... Read more

    Affected Products : vault
    • Published: May. 01, 2023
    • Modified: Jan. 30, 2025

  • 2.5

    LOW
    CVE-2017-18412

    cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).... Read more

    Affected Products : cpanel
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-2149

    A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initializ... Read more

    Affected Products : pytorch pytorch
    • Published: Mar. 10, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.5

    LOW
    CVE-2025-5643

    A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption.... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2024-27457

    Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products : tdx_module_software
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 2.5

    LOW
    CVE-2024-58251

    In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.... Read more

    Affected Products : busybox
    • Published: Apr. 23, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Denial of Service

  • 2.5

    LOW
    CVE-2025-32408

    In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled.... Read more

    Affected Products : iam
    • Published: Apr. 21, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 2.5

    LOW
    CVE-2024-43785

    gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form AN... Read more

    Affected Products :
    • Published: Aug. 22, 2024
    • Modified: Aug. 23, 2024

  • 2.5

    LOW
    CVE-2017-3513

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon ... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2025-5646

    A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corrup... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2025-5644

    A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after fr... Read more

    Affected Products : radare2
    • Published: Jun. 05, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.5

    LOW
    CVE-2020-8912

    A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them ... Read more

    Affected Products : aws_s3_crypto_sdk
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2024-9203

    A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack h... Read more

    Affected Products :
    • Published: Sep. 26, 2024
    • Modified: Sep. 30, 2024

  • 2.5

    LOW
    CVE-2023-4986

    A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort.... Read more

    Affected Products : inplant_scada
    • Published: Sep. 15, 2023
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2021-2149

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Orac... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.5

    LOW
    CVE-2025-23253

    NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to ... Read more

    Affected Products :
    • Published: Apr. 22, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Cryptography

  • 2.5

    LOW
    CVE-2017-1346

    IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 126461.... Read more

    Affected Products : business_process_manager
    • Published: Sep. 25, 2017
    • Modified: Apr. 20, 2025

  • 2.5

    LOW
    CVE-2024-45305

    gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's config... Read more

    Affected Products :
    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024

  • 2.5

    LOW
    CVE-2019-11191

    The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 12, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293562 Results