Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-36071

    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release ... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2024-52894

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions w... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2024-20536

    A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device. ... Read more

    • Published: Nov. 06, 2024
    • Modified: Aug. 07, 2025

  • 5.3

    MEDIUM
    CVE-2025-20150

    A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to enumerate LDAP user accounts. This vulnerability is due to the improper handling of LDAP authentication requests. An attacker could exploit this vulnerability b... Read more

    Affected Products : nexus_dashboard
    • Published: Apr. 16, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2022-20626

    A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid c... Read more

    Affected Products : prime_access_registrar
    • Published: Nov. 15, 2024
    • Modified: Aug. 07, 2025

  • 6.1

    MEDIUM
    CVE-2022-20654

    A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient va... Read more

    Affected Products : webex_meetings
    • Published: Nov. 15, 2024
    • Modified: Aug. 07, 2025

  • 7.6

    HIGH
    CVE-2024-4981

    A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.... Read more

    Affected Products : pagure
    • Published: May. 12, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Path Traversal

  • 7.6

    HIGH
    CVE-2024-4982

    A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.... Read more

    Affected Products : pagure
    • Published: May. 12, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Path Traversal

  • 5.3

    MEDIUM
    CVE-2025-26531

    Insufficient capability checks made it possible to disable badges a user does not have permission to access.... Read more

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-26532

    Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.... Read more

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-26533

    An SQL injection risk was identified in the module list filter within course search.... Read more

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2019-9923

    pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.... Read more

    Affected Products : leap tar
    • EPSS Score: %0.37
    • Published: Mar. 22, 2019
    • Modified: Aug. 06, 2025

  • 6.2

    MEDIUM
    CVE-2016-9401

    popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.... Read more

    • EPSS Score: %0.01
    • Published: Jan. 23, 2017
    • Modified: Aug. 06, 2025

  • 7.5

    HIGH
    CVE-2016-6321

    Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_... Read more

    Affected Products : tar
    • EPSS Score: %12.72
    • Published: Dec. 09, 2016
    • Modified: Aug. 06, 2025

  • 5.1

    MEDIUM
    CVE-2015-1865

    fts.c in coreutils 8.4 allows local users to delete arbitrary files.... Read more

    Affected Products : coreutils
    • EPSS Score: %0.08
    • Published: Sep. 20, 2017
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2023-27328

    Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-pr... Read more

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025

  • 7.5

    HIGH
    CVE-2023-27327

    Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to ex... Read more

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2023-27324

    Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execu... Read more

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2023-27323

    Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to exe... Read more

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2023-27322

    Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execu... Read more

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
Showing 20 of 291398 Results