Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-27240

    Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 7.3

    HIGH
    CVE-2024-39819

    Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.6

    MEDIUM
    CVE-2024-39820

    Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.6

    MEDIUM
    CVE-2024-39821

    Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : rooms workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 4.3

    MEDIUM
    CVE-2021-1410

    A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authori... Read more

    Affected Products : webex_meetings
    • Published: Nov. 18, 2024
    • Modified: Aug. 05, 2025

  • 7.5

    HIGH
    CVE-2021-1132

    A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management inte... Read more

    Affected Products : network_services_orchestrator
    • Published: Nov. 18, 2024
    • Modified: Aug. 05, 2025

  • 4.4

    MEDIUM
    CVE-2025-7738

    A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations.... Read more

    Affected Products :
    • Published: Jul. 31, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Misconfiguration

  • 5.9

    MEDIUM
    CVE-2025-30761

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. ... Read more

    Affected Products : jdk jre graalvm java_se
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authorization

  • 8.1

    HIGH
    CVE-2025-50106

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 7.7

    HIGH
    CVE-2025-50069

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.27 and 21.3-21.18. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with ... Read more

    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 3.7

    LOW
    CVE-2025-50065

    Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network ac... Read more

    Affected Products : graalvm_for_jdk
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Denial of Service

  • 7.3

    HIGH
    CVE-2025-50063

    Vulnerability in Oracle Java SE (component: Install). The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to comp... Read more

    Affected Products : jdk jre java_se
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 8.6

    HIGH
    CVE-2025-50059

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracl... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 4.8

    MEDIUM
    CVE-2025-30754

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Orac... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-20701

    In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati... Read more

    Affected Products :
    • Published: Aug. 04, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2024-9632

    A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escal... Read more

    • Published: Oct. 30, 2024
    • Modified: Aug. 04, 2025

  • 7.8

    HIGH
    CVE-2024-31083

    A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to ... Read more

    Affected Products : enterprise_linux libssh
    • Published: Apr. 05, 2024
    • Modified: Aug. 04, 2025

  • 7.3

    HIGH
    CVE-2024-31081

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particula... Read more

    Affected Products : enterprise_linux libssh
    • Published: Apr. 04, 2024
    • Modified: Aug. 04, 2025

  • 7.3

    HIGH
    CVE-2024-31080

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particula... Read more

    Affected Products : enterprise_linux libssh
    • Published: Apr. 04, 2024
    • Modified: Aug. 04, 2025

  • 7.8

    HIGH
    CVE-2024-21886

    A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.... Read more

    Affected Products : enterprise_linux libssh
    • Published: Feb. 28, 2024
    • Modified: Aug. 04, 2025
Showing 20 of 291305 Results