Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.8

    LOW
    CVE-2025-30166

    Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session co... Read more

    Affected Products : admin_classic_bundle
    • Published: Apr. 08, 2025
    • Modified: Apr. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 1.8

    LOW
    CVE-2016-0453

    Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.... Read more

    Affected Products : glassfish_server fusion_middleware
    • EPSS Score: %0.52
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.8

    LOW
    CVE-2018-3270

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where S... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.19
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 1.8

    LOW
    CVE-2013-7290

    The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the ... Read more

    Affected Products : memcached
    • EPSS Score: %0.21
    • Published: Jan. 13, 2014
    • Modified: Apr. 11, 2025

  • 1.8

    LOW
    CVE-2019-3008

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.28
    • Published: Oct. 16, 2019
    • Modified: Nov. 21, 2024

  • 1.8

    LOW
    CVE-2016-8284

    Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.... Read more

    Affected Products : mysql
    • EPSS Score: %0.08
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 1.8

    LOW
    CVE-2023-21928

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Ora... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.04
    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 1.7

    LOW
    CVE-2013-0982

    The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattend... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.05
    • Published: Jun. 05, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-0075

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.42
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-0554

    Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2006-5749

    The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2011-2240

    Unspecified vulnerability in the Oracle Universal Installer component in Oracle Database Server 10.1.0.5 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.39
    • Published: Jul. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-0494

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.... Read more

    Affected Products : mysql
    • EPSS Score: %0.06
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2013-2382

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 12.0.1 allows local users to affect confidentiality via vectors related to BASE.... Read more

    Affected Products : financial_services_software
    • EPSS Score: %0.15
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2004-2657

    Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list o... Read more

    Affected Products : firefox
    • EPSS Score: %0.07
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2011-2311

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2313.... Read more

    Affected Products : solaris
    • EPSS Score: %0.09
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-0956

    nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server.... Read more

    Affected Products : nufw_firewall
    • EPSS Score: %0.24
    • Published: Mar. 02, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2025-30218

    Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, eve... Read more

    Affected Products : next.js
    • Published: Apr. 02, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Misconfiguration

  • 1.7

    LOW
    CVE-2005-2993

    Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.18
    • Published: Sep. 20, 2005
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2008-1754

    Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.... Read more

    Affected Products : altiris_deployment_solution
    • EPSS Score: %0.08
    • Published: Apr. 11, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291615 Results