Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-30687

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network ac... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 7.6

    HIGH
    CVE-2025-30686

    Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network access vi... Read more

    Affected Products : hospitality_simphony
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 4.9

    MEDIUM
    CVE-2025-30685

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-30707

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to ... Read more

    Affected Products : istore
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2025-30706

    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to ... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 7.3

    HIGH
    CVE-2025-30701

    Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account privilege with netw... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 3.5

    LOW
    CVE-2025-30700

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to com... Read more

    Affected Products : solaris solaris
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 4.9

    MEDIUM
    CVE-2025-30699

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with ne... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2025-30697

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network ... Read more

    Affected Products : peoplesoft_enterprise_peopletools
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-30740

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more

    Affected Products : jd_edwards_enterpriseone_tools
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 7.4

    HIGH
    CVE-2025-30736

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 8.1

    HIGH
    CVE-2025-30735

    Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Page and Field Configuration). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attack... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 6.1

    MEDIUM
    CVE-2025-30732

    Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via... Read more

    Affected Products : application_object_library
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authentication

  • 3.6

    LOW
    CVE-2025-30731

    Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite (component: Configuration). Supported versions that are affected are 12.2.3-12.2.14. Difficult to exploit vulnerability allows unauthenticated attacker with logo... Read more

    Affected Products : applications_technology_stack
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 9.1

    CRITICAL
    CVE-2022-47411

    An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operatio... Read more

    Affected Products : fp_newsletter
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 9.1

    CRITICAL
    CVE-2022-47410

    An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.... Read more

    Affected Products : fp_newsletter
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 9.1

    CRITICAL
    CVE-2022-47409

    An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscript... Read more

    Affected Products : fp_newsletter
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 9.1

    CRITICAL
    CVE-2022-47408

    An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.... Read more

    Affected Products : fp_newsletter
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 6.5

    MEDIUM
    CVE-2022-47407

    An issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers.... Read more

    Affected Products : master-quiz
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2022-47406

    An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.... Read more

    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025
Showing 20 of 293564 Results