Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2024-20528

    A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system of an affected device. To exploit this vulnerability, an attacker would need valid Super A... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Apr. 28, 2025

  • 5.5

    MEDIUM
    CVE-2024-20527

    A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is ... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Apr. 28, 2025

  • 5.4

    MEDIUM
    CVE-2024-20487

    A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Apr. 28, 2025

  • 7.5

    HIGH
    CVE-2024-42022

    An incorrect permission assignment vulnerability allows an attacker to modify product configuration files.... Read more

    Affected Products : one
    • Published: Sep. 07, 2024
    • Modified: Apr. 28, 2025

  • 7.8

    HIGH
    CVE-2025-27169

    Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu... Read more

    Affected Products : macos windows illustrator
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-24449

    Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more

    Affected Products : macos windows illustrator
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-24448

    Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more

    Affected Products : macos windows illustrator
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2024-42023

    An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.... Read more

    Affected Products : one
    • Published: Sep. 07, 2024
    • Modified: Apr. 28, 2025

  • 7.8

    HIGH
    CVE-2025-27158

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27159

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27160

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025

  • 7.8

    HIGH
    CVE-2025-27161

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could lev... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27162

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-27163

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-27164

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-27174

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-24431

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 9.1

    CRITICAL
    CVE-2024-42024

    A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.... Read more

    Affected Products : one
    • Published: Sep. 07, 2024
    • Modified: Apr. 28, 2025

  • 5.4

    MEDIUM
    CVE-2024-56144

    librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):`/device/$DEVICE_ID/edit` -> param: display. Librenms versions u... Read more

    Affected Products : librenms
    • Published: Jan. 16, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-23198

    librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):`/device/$DEVICE_ID/edit` -> param: display. Librenms versions u... Read more

    Affected Products : librenms
    • Published: Jan. 16, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291739 Results