Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2022-42818

    This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity.... Read more

    Affected Products : macos
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 6.5

    MEDIUM
    CVE-2022-42817

    A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. Visiting a maliciously crafted website may leak sensitive data.... Read more

    Affected Products : iphone_os watchos ipados
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2021-33420

    A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.... Read more

    Affected Products : replicator
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 6.1

    MEDIUM
    CVE-2020-36607

    Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.... Read more

    Affected Products : feehicms
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 6.1

    MEDIUM
    CVE-2020-20589

    Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.... Read more

    Affected Products : feehicms
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 8.8

    HIGH
    CVE-2020-20588

    File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.... Read more

    Affected Products : ibarn
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.4

    MEDIUM
    CVE-2025-30713

    Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager product of Oracle PeopleSoft (component: Job Opening). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network ... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2025-30711

    Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with net... Read more

    Affected Products : applications_framework
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-30710

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... Read more

    Affected Products : mysql_cluster
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-30705

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access v... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-30709

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access ... Read more

    Affected Products : jd_edwards_enterpriseone_tools
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-30728

    Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compr... Read more

    Affected Products : configurator
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 5.3

    MEDIUM
    CVE-2025-30726

    Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via... Read more

    Affected Products : application_object_library
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Information Disclosure

  • 6.7

    MEDIUM
    CVE-2025-30725

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-30724

    Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via H... Read more

    Affected Products : bi_publisher
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2025-30716

    Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with ... Read more

    Affected Products : common_applications
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 4.9

    MEDIUM
    CVE-2025-30715

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-30684

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-30683

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-30682

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network ac... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service
Showing 20 of 293309 Results