Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.0

    LOW
    CVE-2025-27608

    Arduino IDE 2.x is an IDE based on the Theia IDE framework and built with Electron. A Self Cross-Site Scripting (XSS) vulnerability has been identified within the Arduino-IDE prior to version v2.3.5. The vulnerability occurs in the Additional Board Manage... Read more

    Affected Products :
    • Published: Apr. 02, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 1.0

    LOW
    CVE-2025-49842

    conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. Prior to version 2025.3.24, the conda_forge_webservice Docker container executes commands without specifying a user. By default, Docker containers run as the ro... Read more

    Affected Products :
    • Published: Jun. 17, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Misconfiguration

  • 1.0

    LOW
    CVE-2004-2648

    FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file.... Read more

    Affected Products : freezex
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.0

    LOW
    CVE-2014-2488

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality via unknown vectors related to Core.... Read more

    Affected Products : vm_virtualbox
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 1.0

    LOW
    CVE-2024-51481

    Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders (such as `builtin:fetchurl`, exposed to users with `import <nix/fetchurl.nix>`) were not executed in the macOS sandbox. Thus, these builders (which are running under th... Read more

    Affected Products : nix nix
    • Published: Oct. 31, 2024
    • Modified: Nov. 01, 2024

  • 1.0

    LOW
    CVE-2025-9092

    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.N... Read more

    Affected Products : bouncy_castle_for_java
    • Published: Aug. 16, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Denial of Service

  • 1.0

    LOW
    CVE-2020-12492

    Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information.... Read more

    Affected Products :
    • Published: Nov. 25, 2024
    • Modified: Nov. 25, 2024

  • 1.0

    LOW
    CVE-2010-2389

    Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Lo... Read more

    Affected Products : database_server fusion_middleware
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 1.0

    LOW
    CVE-2025-3301

    DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confident... Read more

    Affected Products :
    • Published: Apr. 29, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Cryptography

  • 1.0

    LOW
    CVE-2010-4431

    Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy.... Read more

    Affected Products : java_system_portal_server
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 1.0

    LOW
    CVE-2009-3412

    Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server application_server
    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 1.0

    LOW
    CVE-2025-43789

    JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed.... Read more

    Affected Products : liferay_portal dxp
    • Published: Sep. 12, 2025
    • Modified: Sep. 12, 2025
    • Vuln Type: Misconfiguration

  • 1.0

    LOW
    CVE-2024-12975

    A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.... Read more

    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 1.0

    LOW
    CVE-2008-3987

    Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : application_server
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 0.0

    NA
    CVE-2024-53125

    In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: Dec. 19, 2024

  • 0.0

    NA
    CVE-2024-35967

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in cop... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Feb. 02, 2025

  • 0.0

    NA
    CVE-2024-35959

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls mlx5e_selq_apply() that assures that the `priv->state_l... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2025-38202

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 04, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2024-40943

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2_dio_wr_get_block", fstests/generic/300 become from always failed to sometimes fai... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2025-37837

    In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smm... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025
Showing 20 of 293654 Results