Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-13943

    Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla Model S vehicles. An attacker must first obtain the ability... Read more

    Affected Products : model_s_firmware model_s
    • Published: Apr. 30, 2025
    • Modified: Aug. 12, 2025

  • 5.0

    MEDIUM
    CVE-2024-6029

    Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnera... Read more

    Affected Products : model_s_firmware model_s
    • Published: Apr. 30, 2025
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2024-6032

    Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code on the targ... Read more

    Affected Products : model_s_firmware model_s
    • Published: Apr. 30, 2025
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2024-11611

    AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is require... Read more

    • Published: Jan. 30, 2025
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2024-11610

    AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is require... Read more

    • Published: Jan. 30, 2025
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2024-11609

    AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction ... Read more

    • Published: Jan. 30, 2025
    • Modified: Aug. 12, 2025

  • 8.8

    HIGH
    CVE-2023-39478

    Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authe... Read more

    Affected Products : secure_integration_server
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 8.8

    HIGH
    CVE-2023-39479

    Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to expl... Read more

    Affected Products : secure_integration_server
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 6.5

    MEDIUM
    CVE-2023-39480

    Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authenticati... Read more

    Affected Products : secure_integration_server
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.1

    LOW
    CVE-2023-5600

    An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific referenc... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 8.1

    HIGH
    CVE-2024-4994

    An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading ... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 7.5

    HIGH
    CVE-2024-4025

    A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions from 7.10 prior before 16.11.5, version 17.0 before 17.0.3, and 17.1 before 17.1.1. It is possible for an attacker to cause a denial of service using a crafted ... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 9.9

    CRITICAL
    CVE-2025-5121

    An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group.... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 8.7

    HIGH
    CVE-2025-2443

    An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before ... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 7.5

    HIGH
    CVE-2024-7586

    An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, where webhook deletion audit log preserved auth credentials.... Read more

    Affected Products : gitlab
    • Published: Jun. 20, 2025
    • Modified: Aug. 12, 2025

  • 8.8

    HIGH
    CVE-2023-39481

    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is ... Read more

    Affected Products : secure_integration_server
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 6.5

    MEDIUM
    CVE-2023-39482

    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authe... Read more

    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 4.3

    MEDIUM
    CVE-2025-5846

    An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafted Gra... Read more

    Affected Products : gitlab
    • Published: Jun. 26, 2025
    • Modified: Aug. 12, 2025

  • 4.3

    MEDIUM
    CVE-2025-5315

    An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by s... Read more

    Affected Products : gitlab
    • Published: Jun. 26, 2025
    • Modified: Aug. 12, 2025

  • 6.5

    MEDIUM
    CVE-2025-3279

    An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.... Read more

    Affected Products : gitlab
    • Published: Jun. 26, 2025
    • Modified: Aug. 12, 2025
Showing 20 of 290981 Results