Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2017-6738

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • EPSS Score: %17.11
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6737

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • EPSS Score: %17.11
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 9.0

    HIGH
    CVE-2017-6736

    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to rel... Read more

    Affected Products : ios_xe ios
    • Actively Exploited
    • EPSS Score: %84.66
    • Published: Jul. 17, 2017
    • Modified: Jul. 31, 2025

  • 5.4

    MEDIUM
    CVE-2024-20514

    A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack a... Read more

    • Published: Nov. 06, 2024
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2024-20401

    A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper ... Read more

    Affected Products : secure_email_gateway secure_email
    • Published: Jul. 17, 2024
    • Modified: Jul. 31, 2025

  • 4.7

    MEDIUM
    CVE-2025-8206

    A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998.179. This affects an unknown part of the component IP DNS Leakage Detector. The manipulation leads to cross site scripting. It is possible to initiate the at... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 6.3

    MEDIUM
    CVE-2025-8205

    A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0.6998.179. Affected by this issue is some unknown functionality of the component IP DNS Leakage Detector. The manipulation leads to cleartext transmission of ... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 3.7

    LOW
    CVE-2025-8204

    A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179. Affected by this vulnerability is an unknown functionality of the component HSTS Handler. The manipulation leads to security check for standard. The attack can be l... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2025-20310

    A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web UI d... Read more

    Affected Products : enterprise_chat_and_email
    • Published: Jul. 02, 2025
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2025-8252

    A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_s5.php. The manipulation of the argument ID leads to sql injection. The attack m... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 28, 2025
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2025-8253

    A vulnerability was found in code-projects Exam Form Submission 1.0. It has been classified as critical. This affects an unknown part of the file /admin/delete_s6.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate ... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 28, 2025
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2025-8255

    A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /register.php. The manipulation of the argument image leads to unrestricted upload. The attack may b... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 28, 2025
    • Modified: Jul. 31, 2025

  • 7.4

    HIGH
    CVE-2025-20140

    A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition. This vulnerability is du... Read more

    • Published: May. 07, 2025
    • Modified: Jul. 31, 2025

  • 7.4

    HIGH
    CVE-2024-20303

    A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improp... Read more

    • Published: Mar. 27, 2024
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2022-20931

    A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due t... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2025-1550

    The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules... Read more

    Affected Products : keras
    • Published: Mar. 11, 2025
    • Modified: Jul. 31, 2025

  • 8.6

    HIGH
    CVE-2025-20154

    A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS... Read more

    Affected Products : ios_xe ios ios_xr
    • Published: May. 07, 2025
    • Modified: Jul. 31, 2025

  • 4.7

    MEDIUM
    CVE-2024-20400

    A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request paramete... Read more

    • Published: Jul. 17, 2024
    • Modified: Jul. 31, 2025

  • 7.5

    HIGH
    CVE-2025-2258

    In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Leng... Read more

    Affected Products : threadx_netx_duo
    • Published: Apr. 06, 2025
    • Modified: Jul. 31, 2025

  • 7.5

    HIGH
    CVE-2025-2259

    In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one pack... Read more

    Affected Products : threadx_netx_duo
    • Published: Apr. 06, 2025
    • Modified: Jul. 31, 2025
Showing 20 of 291058 Results