Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2025-26493

    In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab... Read more

    Affected Products : teamcity
    • Published: Feb. 11, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-31139

    In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log... Read more

    Affected Products : teamcity
    • Published: Mar. 27, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Information Disclosure

  • 6.1

    MEDIUM
    CVE-2025-31140

    In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page... Read more

    Affected Products : teamcity
    • Published: Mar. 27, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2025-31141

    In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page... Read more

    Affected Products : teamcity
    • Published: Mar. 27, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-46432

    In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs... Read more

    Affected Products : teamcity
    • Published: Apr. 25, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2025-46433

    In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible... Read more

    Affected Products : teamcity
    • Published: Apr. 25, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Path Traversal

  • 6.1

    MEDIUM
    CVE-2025-46618

    In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab... Read more

    Affected Products : teamcity
    • Published: Apr. 25, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.3

    HIGH
    CVE-2025-20104

    Race condition in some Administrative Tools for some Intel(R) Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Race Condition

  • 4.8

    MEDIUM
    CVE-2024-31150

    Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Information Disclosure

  • 5.8

    MEDIUM
    CVE-2024-43101

    Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 5.0

    MEDIUM
    CVE-2025-20076

    Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 8.7

    HIGH
    CVE-2025-20100

    Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 8.7

    HIGH
    CVE-2025-24308

    Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2024-8988

    The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the file_download REST API endpoint due to missing validation on a user controlled key. This makes it po... Read more

    Affected Products :
    • Published: May. 14, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 9.5

    CRITICAL
    CVE-2025-47292

    Cap Collectif is an online decision making platform that integrates several tools. Before commit 812f2a7d271b76deab1175bdaf2be0b8102dd198, the `DebateAlternateArgumentsResolver` deserializes a `Cursor`, allowing any classes and which can be controlled by ... Read more

    Affected Products :
    • Published: May. 14, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authentication

  • 8.7

    HIGH
    CVE-2025-4637

    Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects dlib: before <19.24.7.... Read more

    Affected Products :
    • Published: May. 14, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service

  • 2.0

    LOW
    CVE-2025-0138

    Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access. Compute in Prisma Cloud Enterprise Edition is not aff... Read more

    Affected Products : prisma_cloud_compute_edition
    • Published: May. 14, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authentication

  • 6.1

    MEDIUM
    CVE-2024-48869

    Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 8.3

    HIGH
    CVE-2025-20006

    Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service

  • 8.4

    HIGH
    CVE-2025-20018

    Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : graphics_drivers
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization
Showing 20 of 291794 Results