Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-35710

    Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vuln... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.5

    HIGH
    CVE-2024-45650

    IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable to a denial of service when sending an LDAP extended operation.... Read more

    Affected Products : security_verify_directory
    • Published: Jan. 31, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-2016

    Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this ... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-13049

    Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13047

    Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 5.3

    MEDIUM
    CVE-2024-45658

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the syste... Read more

    Affected Products : security_verify_access
    • Published: Feb. 04, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Information Disclosure

  • 7.2

    HIGH
    CVE-2025-20184

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. Th... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2023-39427

    In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build (1204.77), the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage ... Read more

    Affected Products : cobalt graphite xenon argon lithium
    • EPSS Score: %0.10
    • Published: Oct. 26, 2023
    • Modified: Aug. 08, 2025

  • 8.9

    HIGH
    CVE-2025-24326

    When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not eval... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-49814

    IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges.... Read more

    Affected Products : security_verify_access
    • Published: Feb. 06, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authorization

  • 9.1

    CRITICAL
    CVE-2024-51450

    IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.... Read more

    Affected Products : security_verify_directory
    • Published: Feb. 06, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authentication

  • 6.8

    MEDIUM
    CVE-2025-0549

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, enabli... Read more

    Affected Products : gitlab
    • Published: May. 09, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-8973

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious cra... Read more

    Affected Products : gitlab
    • Published: May. 09, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-1908

    An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.... Read more

    Affected Products : gitlab
    • Published: Apr. 24, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-0639

    An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.... Read more

    Affected Products : gitlab
    • Published: Apr. 24, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2024-12244

    An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prio... Read more

    Affected Products : gitlab
    • Published: Apr. 24, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2024-43234

    Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice allows Authentication Bypass.This issue affects Woffice: from n/a through 5.4.14.... Read more

    Affected Products : woffice
    • Published: Dec. 16, 2024
    • Modified: Aug. 08, 2025

  • 8.7

    HIGH
    CVE-2024-39542

    An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthentica... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 11, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-34311

    Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vu... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-35713

    Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit ... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025
Showing 20 of 291401 Results