Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-1072

    A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content usi... Read more

    Affected Products : gitlab
    • Published: Feb. 07, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-20139

    A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to... Read more

    Affected Products : enterprise_chat_and_email
    • Published: Apr. 02, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-20165

    A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper... Read more

    • Published: Jan. 22, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.1

    HIGH
    CVE-2024-10396

    An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client Fet... Read more

    Affected Products : openafs
    • Published: Nov. 14, 2024
    • Modified: Aug. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-41751

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2024-41750

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2024-5301

    Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit thi... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5302

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5303

    Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5304

    Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-40686

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks ag... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2024-5305

    Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2024-5306

    Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnera... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 3.3

    LOW
    CVE-2024-5307

    Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Jun. 06, 2024
    • Modified: Aug. 06, 2025

  • 6.2

    MEDIUM
    CVE-2024-40682

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-33114

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a specially crafted query under certain non-default conditions.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-33092

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-36010

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 could allow an unauthenticated user to cause a denial of service due to executable segments that are waiting for each other to release a necessary lock.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-2533

    IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.... Read more

    Affected Products : db2
    • Published: Jul. 29, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 9.9

    CRITICAL
    CVE-2025-0781

    An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.... Read more

    Affected Products : debian_linux simgear
    • Published: Jan. 28, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Path Traversal
Showing 20 of 291531 Results