Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-10396

    An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client Fet... Read more

    Affected Products : openafs
    • Published: Nov. 14, 2024
    • Modified: Aug. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-41751

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2024-41750

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2024-5301

    Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit thi... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5302

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5303

    Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5304

    Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-40686

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks ag... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2024-5305

    Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5306

    Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnera... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 3.3

    LOW
    CVE-2024-5307

    Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 6.2

    MEDIUM
    CVE-2024-40682

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-33114

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a specially crafted query under certain non-default conditions.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-33092

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-36010

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 could allow an unauthenticated user to cause a denial of service due to executable segments that are waiting for each other to release a necessary lock.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-2533

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 9.9

    CRITICAL
    CVE-2025-0781

    An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.... Read more

    Affected Products : debian_linux simgear
    • Published: Jan. 28, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Path Traversal

  • 7.5

    HIGH
    CVE-2025-52887

    cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be rele... Read more

    Affected Products : cpp-httplib cpp-httplib
    • Published: Jun. 26, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-48950

    MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execut... Read more

    Affected Products : maxkb
    • Published: Jun. 03, 2025
    • Modified: Aug. 06, 2025

  • 6.5

    MEDIUM
    CVE-2024-3976

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title an... Read more

    Affected Products : gitlab
    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291394 Results