Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-20979

    Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network acce... Read more

    Affected Products : bi_publisher
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 4.9

    MEDIUM
    CVE-2024-20971

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... Read more

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-20969

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m... Read more

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 4.4

    MEDIUM
    CVE-2024-20959

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Ora... Read more

    Affected Products : zfs_storage_appliance_kit
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 3.7

    LOW
    CVE-2024-20955

    Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 2... Read more

    Affected Products : graalvm graalvm_for_jdk
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 6.1

    MEDIUM
    CVE-2024-20938

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise O... Read more

    Affected Products : istore
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 6.1

    MEDIUM
    CVE-2024-20936

    Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access vi... Read more

    Affected Products : one-to-one_fulfillment
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 2.3

    LOW
    CVE-2024-20914

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Ora... Read more

    Affected Products : zfs_storage_appliance_kit
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 2.7

    LOW
    CVE-2024-20912

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle ... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 3.0

    LOW
    CVE-2024-20910

    Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracl... Read more

    Affected Products : audit_vault_and_database_firewall
    • Published: Jan. 16, 2024
    • Modified: Jun. 03, 2025

  • 9.3

    CRITICAL
    CVE-2024-1143

    Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.... Read more

    Affected Products : central_dogma
    • Published: Feb. 02, 2024
    • Modified: Jun. 03, 2025

  • 8.8

    HIGH
    CVE-2024-1077

    Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)... Read more

    Affected Products : fedora chrome edge_chromium
    • Published: Jan. 30, 2024
    • Modified: Jun. 03, 2025

  • 9.8

    CRITICAL
    CVE-2023-51812

    Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.... Read more

    Affected Products : ax3_firmware ax3
    • Published: Jan. 04, 2024
    • Modified: Jun. 03, 2025

  • 6.1

    MEDIUM
    CVE-2023-50933

    IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113. ... Read more

    Affected Products : powersc
    • Published: Feb. 02, 2024
    • Modified: Jun. 03, 2025

  • 7.1

    HIGH
    CVE-2023-50342

    HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obtain certain details about another user as a result of improper access control. ... Read more

    Affected Products : dryice_myxalytics
    • Published: Jan. 03, 2024
    • Modified: Jun. 03, 2025

  • 7.1

    HIGH
    CVE-2023-49739

    Vulnerability in IdeaBox Creations PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a through 2.9.23.... Read more

    • Published: Dec. 14, 2023
    • Modified: Jun. 03, 2025

  • 7.5

    HIGH
    CVE-2023-45718

    Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session.... Read more

    Affected Products : sametime
    • Published: Feb. 09, 2024
    • Modified: Jun. 03, 2025

  • 4.1

    MEDIUM
    CVE-2023-45716

    Sametime is impacted by sensitive information passed in URL. ... Read more

    Affected Products : sametime
    • Published: Feb. 09, 2024
    • Modified: Jun. 03, 2025

  • 7.5

    HIGH
    CVE-2023-45696

    Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. By default, this allows user entered data to be stored by the browser. ... Read more

    Affected Products : sametime
    • Published: Feb. 10, 2024
    • Modified: Jun. 03, 2025

  • 6.1

    MEDIUM
    CVE-2023-45190

    IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cr... Read more

    • Published: Feb. 09, 2024
    • Modified: Jun. 03, 2025
Showing 20 of 293284 Results