Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2025-3072

    Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 02, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Misconfiguration

  • 5.4

    MEDIUM
    CVE-2025-3071

    Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 02, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Misconfiguration

  • 4.8

    MEDIUM
    CVE-2025-30714

    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocol... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 4.4

    MEDIUM
    CVE-2025-30704

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker wi... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 2.7

    LOW
    CVE-2025-30703

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via m... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-30696

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access v... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-30693

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via m... Read more

    Affected Products : mysql_server mysql_cluster
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-30692

    Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Attachments). Supported versions that are affected are 12.2.7-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTT... Read more

    Affected Products : isupplier_portal
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 7.2

    HIGH
    CVE-2025-30690

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris... Read more

    Affected Products : solaris solaris
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-30689

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 7.2

    HIGH
    CVE-2022-46126

    Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=.... Read more

    Affected Products : helmet_store_showroom_site
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 7.2

    HIGH
    CVE-2022-46125

    Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=.... Read more

    Affected Products : helmet_store_showroom_site
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 7.2

    HIGH
    CVE-2022-46124

    Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user&id=.... Read more

    Affected Products : helmet_store_showroom_site
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 7.2

    HIGH
    CVE-2022-46123

    Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_category.php?id=.... Read more

    Affected Products : helmet_store_showroom_site
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 6.7

    MEDIUM
    CVE-2022-42829

    A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 7.8

    HIGH
    CVE-2022-42820

    A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42819

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 5.9

    MEDIUM
    CVE-2022-42818

    This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity.... Read more

    Affected Products : macos
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 6.5

    MEDIUM
    CVE-2022-42817

    A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. Visiting a maliciously crafted website may leak sensitive data.... Read more

    Affected Products : iphone_os watchos ipados
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2021-33420

    A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.... Read more

    Affected Products : replicator
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025
Showing 20 of 293338 Results