Latest CVE Feed

The following is a list of the most recently published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 4.4

    MEDIUM
    CVE-2020-14477

    In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternat...

    • Published: Jun. 26, 2020
    • Modified: Jun. 04, 2025
  • 4.5

    MEDIUM
    CVE-2020-12023

    Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). Unencrypted user credentials received in the IntelliBridge Enterprise (IBE) a...

    Affected Products : intellibridge_enterprise
    • Published: Jun. 11, 2020
    • Modified: Jun. 04, 2025
  • 6.5

    MEDIUM
    CVE-2022-23093

    ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generate...

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 8.8

    HIGH
    CVE-2022-23092

    The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The b...

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 4.0

    MEDIUM
    CVE-2022-23091

    A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that pr...

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 7.7

    HIGH
    CVE-2022-23090

    The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free (UAF)....

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 3.3

    LOW
    CVE-2024-25941

    The jail(2) system call has not limited a visibility of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jail...

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 6.3

    MEDIUM
    CVE-2024-25940

    `bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to <host-path>, allowing the loader to read any file the ho...

    Affected Products : freebsd
    • Published: Feb. 15, 2024
    • Modified: Jun. 04, 2025
  • 6.5

    MEDIUM
    CVE-2025-4353

    A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is an unknown function of the file /paraframework/queryTsDictionaryType.htm. The manipulation of the argument dictCn1 leads to...

    Affected Products :
    • Published: May. 06, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Injection
  • 6.5

    MEDIUM
    CVE-2025-4352

    A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcEntrFlowSelect.htm. The manipulation of the argument cus...

    Affected Products :
    • Published: May. 06, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Injection
  • 9.3

    CRITICAL
    CVE-2025-48951

    Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. Versions 8.0.0-BETA3 prior to 8.3.1 contain a vulnerability due to insecure deserialization of cookie data. If exploited, since SDKs process cookie content without prior authentication, ...

    Affected Products : auth0
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authentication
  • 8.3

    HIGH
    CVE-2025-48881

    Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all objects for which an object-management configuration exists can be listed, viewed, edited, created...

    Affected Products :
    • Published: May. 30, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authorization
  • 8.8

    HIGH
    CVE-2024-22899

    Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function....

    Affected Products : vinchin_backup_and_recovery
    • Published: Feb. 02, 2024
    • Modified: Jun. 04, 2025
  • 5.3

    MEDIUM
    CVE-2024-22646

    An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system....

    Affected Products : seo_panel
    • Published: Jan. 30, 2024
    • Modified: Jun. 04, 2025
  • 7.2

    HIGH
    CVE-2024-22626

    Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=....

    Affected Products : supplier_management_system
    • Published: Jan. 16, 2024
    • Modified: Jun. 04, 2025
  • 5.8

    MEDIUM
    CVE-2024-20513

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected...

    • Published: Oct. 02, 2024
    • Modified: Jun. 04, 2025
  • 5.9

    MEDIUM
    CVE-2024-20509

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for...

    • Published: Oct. 02, 2024
    • Modified: Jun. 04, 2025
  • 7.5

    HIGH
    CVE-2024-20502

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insu...

    • Published: Oct. 02, 2024
    • Modified: Jun. 04, 2025
  • 8.6

    HIGH
    CVE-2024-20501

    Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. ...

    • Published: Oct. 02, 2024
    • Modified: Jun. 04, 2025
  • 7.5

    HIGH
    CVE-2024-20500

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vu...

    • Published: Oct. 02, 2024
    • Modified: Jun. 04, 2025
Showing 20 of 292795 Results