Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.8

    LOW
    CVE-2021-2147

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure w... Read more

    • EPSS Score: %0.08
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 1.8

    LOW
    CVE-2025-30166

    Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session co... Read more

    Affected Products : admin_classic_bundle
    • Published: Apr. 08, 2025
    • Modified: Apr. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 1.7

    LOW
    CVE-2025-30218

    Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, eve... Read more

    Affected Products : next.js
    • Published: Apr. 02, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Misconfiguration

  • 1.7

    LOW
    CVE-2014-2926

    kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.... Read more

    Affected Products : virtual_system_administrator
    • EPSS Score: %0.05
    • Published: Jul. 14, 2014
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2006-6286

    Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: ... Read more

    Affected Products : palm_desktop
    • EPSS Score: %0.05
    • Published: Dec. 04, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2010-3406

    Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Sep. 16, 2010
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2008-1754

    Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.... Read more

    Affected Products : altiris_deployment_solution
    • EPSS Score: %0.08
    • Published: Apr. 11, 2008
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2005-2993

    Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.18
    • Published: Sep. 20, 2005
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2008-3973

    Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors.... Read more

    • EPSS Score: %0.09
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2009-1990

    Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : application_server
    • EPSS Score: %0.11
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-0288

    Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.... Read more

    Affected Products : application_server
    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2015-4792

    Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.... Read more

    • EPSS Score: %1.02
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2013-5874

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.08
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2013-2997

    IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.... Read more

    Affected Products : security_appscan
    • EPSS Score: %0.08
    • Published: Sep. 08, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2008-0996

    The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.06
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2006-0391

    Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.63
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2004-2657

    Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list o... Read more

    Affected Products : firefox
    • EPSS Score: %0.07
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2025-43863

    vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password ... Read more

    Affected Products : vantage6
    • Published: Jun. 12, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Authentication

  • 1.7

    LOW
    CVE-2006-6655

    The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs fi... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2005-1976

    Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.... Read more

    Affected Products : netmail
    • EPSS Score: %0.07
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291641 Results