Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.4

    HIGH
    CVE-2025-21587

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle Gr... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Apr. 15, 2025
    • Modified: Apr. 29, 2025

  • 7.3

    HIGH
    CVE-2025-21571

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.24 and prior to 7.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-22929

    OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the filter_id parameter at /students/StudentFilters.php.... Read more

    Affected Products : opensis
    • Published: Apr. 03, 2025
    • Modified: Apr. 29, 2025

  • 6.1

    MEDIUM
    CVE-2025-21570

    Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login). The supported version that is affected is 8.2.3. Easily exploitable vulnerability allows unauthenticated attacker with network acce... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2025-21565

    Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 8.1

    HIGH
    CVE-2025-21564

    Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access ... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 4.3

    MEDIUM
    CVE-2025-21563

    Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker wit... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 4.3

    MEDIUM
    CVE-2025-21562

    Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker wit... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-22930

    OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php.... Read more

    Affected Products : opensis
    • Published: Apr. 03, 2025
    • Modified: Apr. 29, 2025

  • 6.5

    MEDIUM
    CVE-2025-21560

    Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 9.9

    CRITICAL
    CVE-2025-21556

    Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access ... Read more

    • Published: Jan. 21, 2025
    • Modified: Apr. 29, 2025

  • 8.6

    HIGH
    CVE-2025-1976

    Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.... Read more

    Affected Products : fabric_operating_system
    • Actively Exploited
    • Published: Apr. 24, 2025
    • Modified: Apr. 29, 2025

  • 6.2

    MEDIUM
    CVE-2021-47228

    In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel ... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-42599

    Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-s... Read more

    Affected Products : active\!_mail
    • Actively Exploited
    • Published: Apr. 18, 2025
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2021-47246

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix page reclaim for dead peer hairpin When adding a hairpin flow, a firmware-side send queue is created for the peer net device, which claims some host memory pages for its ... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 29, 2025

  • 8.8

    HIGH
    CVE-2024-4877

    OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges... Read more

    Affected Products : openvpn windows sinema_remote_connect
    • Published: Apr. 03, 2025
    • Modified: Apr. 29, 2025

  • 5.4

    MEDIUM
    CVE-2024-3081

    A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argu... Read more

    Affected Products : easyadmin
    • Published: Mar. 29, 2024
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2021-47236

    In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to f... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2021-47234

    In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() Use clk_disable_unprepare() in the error path of mtk_phy_init() to fix some resource leaks.... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 29, 2025

  • 5.9

    MEDIUM
    CVE-2025-2279

    The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored C... Read more

    Affected Products : maps
    • Published: Apr. 04, 2025
    • Modified: Apr. 29, 2025
Showing 20 of 291162 Results