Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.6

    HIGH
    CVE-2024-4981

    A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally incorporate and make visible content from outside the git repo....

    Affected Products : pagure
    • Published: May. 12, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Path Traversal
  • 7.6

    HIGH
    CVE-2024-4982

    A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially crafted git repository, they could discover secrets on the server....

    Affected Products : pagure
    • Published: May. 12, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Path Traversal
  • 5.3

    MEDIUM
    CVE-2025-26531

    Insufficient capability checks made it possible to disable badges a user does not have permission to access....

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Authorization
  • 4.3

    MEDIUM
    CVE-2025-26532

    Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored....

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Misconfiguration
  • 9.8

    CRITICAL
    CVE-2025-26533

    An SQL injection risk was identified in the module list filter within course search....

    Affected Products : moodle
    • Published: Feb. 24, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Injection
  • 7.5

    HIGH
    CVE-2019-9923

    pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers....

    Affected Products : leap tar
    • EPSS Score: 0.41%
    • Published: Mar. 22, 2019
    • Modified: Aug. 06, 2025
  • 6.2

    MEDIUM
    CVE-2016-9401

    popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address....

    • EPSS Score: 0.01%
    • Published: Jan. 23, 2017
    • Modified: Aug. 06, 2025
  • 7.5

    HIGH
    CVE-2016-6321

    Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_...

    Affected Products : tar
    • EPSS Score: 12.72%
    • Published: Dec. 09, 2016
    • Modified: Aug. 06, 2025
  • 5.1

    MEDIUM
    CVE-2015-1865

    fts.c in coreutils 8.4 allows local users to delete arbitrary files....

    Affected Products : coreutils
    • EPSS Score: 0.08%
    • Published: Sep. 20, 2017
    • Modified: Aug. 06, 2025
  • 7.8

    HIGH
    CVE-2023-27328

    Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-pr...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 7.5

    HIGH
    CVE-2023-27327

    Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to ex...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 7.8

    HIGH
    CVE-2023-27324

    Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execu...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 7.8

    HIGH
    CVE-2023-27323

    Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to exe...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 7.8

    HIGH
    CVE-2023-27322

    Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execu...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 8.2

    HIGH
    CVE-2023-27326

    Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute ...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 7.8

    HIGH
    CVE-2023-27325

    Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execu...

    Affected Products : parallels_desktop
    • Published: May. 03, 2024
    • Modified: Aug. 06, 2025
  • 5.3

    MEDIUM
    CVE-2023-53161

    The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic....

    Affected Products : buffered-reader
    • Published: Jul. 28, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Memory Corruption
  • 5.3

    MEDIUM
    CVE-2023-53160

    The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic....

    Affected Products : sequoia-openpgp
    • Published: Jul. 28, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Memory Corruption
  • 6.9

    MEDIUM
    CVE-2025-54571

    ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTT...

    Affected Products : modsecurity
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Cross-Site Scripting
  • 8.7

    HIGH
    CVE-2025-54125

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, th...

    Affected Products : xwiki
    • Published: Aug. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291526 Results