Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2025-29686

    A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java.... Read more

    Affected Products : oa_system
    • Published: May. 14, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-29691

    A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.... Read more

    Affected Products : oa_system
    • Published: May. 14, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.8

    MEDIUM
    CVE-2024-21084

    Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi... Read more

    Affected Products : bi_publisher
    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2024-21091

    Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with n... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 2.5

    LOW
    CVE-2024-21002

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-41238

    A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.... Read more

    Affected Products : dotci
    • Published: Sep. 21, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-37347

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This... Read more

    Affected Products : security windows
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35782

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35781

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35780

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-35779

    Azure RTOS GUIX Studio Remote Code Execution Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2022-35777

    Visual Studio Remote Code Execution Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 6.2

    MEDIUM
    CVE-2022-35776

    Azure Site Recovery Denial of Service Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35775

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 4.9

    MEDIUM
    CVE-2022-35774

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-35773

    Azure RTOS GUIX Studio Remote Code Execution Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-32839

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app terminati... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32812

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32811

    A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.5

    HIGH
    CVE-2022-23948

    A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.... Read more

    Affected Products : keylime
    • Published: Sep. 21, 2022
    • Modified: May. 29, 2025
Showing 20 of 292769 Results