Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.8

    MEDIUM
    CVE-2019-0713

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest...

    • EPSS Score: %0.52
    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025
  • 6.8

    MEDIUM
    CVE-2019-0711

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest...

    • EPSS Score: %0.52
    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025
  • 6.8

    MEDIUM
    CVE-2019-0710

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest...

    • EPSS Score: %0.52
    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025
  • 8.4

    HIGH
    CVE-2019-0709

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application...

    • EPSS Score: %30.64
    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025
  • 8.4

    HIGH
    CVE-2019-0620

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application...

    • EPSS Score: %0.42
    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025
  • 5.8

    MEDIUM
    CVE-2025-23382

    Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vu...

    Affected Products : secure_connect_gateway
    • Published: Mar. 19, 2025
    • Modified: May. 20, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2025-26475

    Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensur...

    Affected Products : secure_connect_gateway
    • Published: Mar. 19, 2025
    • Modified: May. 20, 2025
  • 9.8

    CRITICAL
    CVE-2022-40944

    Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.

    Affected Products : dairy_farm_shop_management_system
    • EPSS Score: %0.29
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 4.3

    MEDIUM
    CVE-2022-40316

    The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.

    • EPSS Score: %0.20
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 9.8

    CRITICAL
    CVE-2022-40315

    A limited SQL injection risk was identified in the "browse list of users" site administration page.

    • EPSS Score: %0.40
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 6.1

    MEDIUM
    CVE-2022-36965

    Insufficient sanitization of inputs in QoE application input field could lead to stored and DOM-based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).

    Affected Products : orion_platform solarwinds_platform
    • EPSS Score: %0.92
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 8.1

    HIGH
    CVE-2021-33354

    Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter.

    Affected Products : htmly
    • EPSS Score: %0.60
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 8.4

    HIGH
    CVE-2025-27088

    oxyno-zeta/s3-proxy is an AWS S3 proxy written in Go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to sessio...

    Affected Products : s3-proxy
    • Published: Feb. 20, 2025
    • Modified: May. 20, 2025
    • Vuln Type: Cross-Site Scripting
  • 6.5

    MEDIUM
    CVE-2024-45818

    The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. Th...

    Affected Products : xen
    • Published: Dec. 19, 2024
    • Modified: May. 20, 2025
  • 7.8

    HIGH
    CVE-2022-41975

    RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.

    Affected Products : vnc_server windows vnc_viewer
    • EPSS Score: %0.04
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
  • 6.5

    MEDIUM
    CVE-2022-41606

    HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0.

    Affected Products : nomad
    • EPSS Score: %0.30
    • Published: Oct. 12, 2022
    • Modified: May. 20, 2025
  • 6.5

    MEDIUM
    CVE-2022-41550

    GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.

    Affected Products : osip
    • EPSS Score: %0.16
    • Published: Oct. 11, 2022
    • Modified: May. 20, 2025
  • 7.2

    HIGH
    CVE-2022-41532

    Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_plan.

    • EPSS Score: %0.13
    • Published: Oct. 12, 2022
    • Modified: May. 20, 2025
  • 8.8

    HIGH
    CVE-2022-41204

    An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allow...

    Affected Products : commerce
    • EPSS Score: %0.37
    • Published: Oct. 11, 2022
    • Modified: May. 20, 2025
  • 9.8

    CRITICAL
    CVE-2022-40943

    Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.

    Affected Products : dairy_farm_shop_management_system
    • EPSS Score: %0.26
    • Published: Sep. 30, 2022
    • Modified: May. 20, 2025
Showing 20 of 292228 Results