Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2019-1670

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. T... Read more

    • EPSS Score: %0.17
    • Published: Feb. 07, 2019
    • Modified: Jul. 31, 2025

  • 7.8

    HIGH
    CVE-2017-6779

    Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of ser... Read more

    • EPSS Score: %1.28
    • Published: Jun. 07, 2018
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2017-12248

    A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerabi... Read more

    • EPSS Score: %0.23
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2021-1463

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists b... Read more

    • EPSS Score: %0.34
    • Published: Apr. 08, 2021
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2021-1395

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because th... Read more

    • EPSS Score: %0.32
    • Published: Jun. 16, 2021
    • Modified: Jul. 31, 2025

  • 8.8

    HIGH
    CVE-2017-12253

    A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulner... Read more

    • EPSS Score: %0.33
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 7.4

    HIGH
    CVE-2019-1658

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulne... Read more

    • EPSS Score: %0.19
    • Published: Jan. 24, 2019
    • Modified: Jul. 31, 2025

  • 6.8

    MEDIUM
    CVE-2015-0740

    Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826.... Read more

    • EPSS Score: %0.12
    • Published: May. 20, 2015
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2017-12254

    A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation... Read more

    • EPSS Score: %0.32
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 10.0

    HIGH
    CVE-2017-12337

    A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerabi... Read more

    • EPSS Score: %12.27
    • Published: Nov. 16, 2017
    • Modified: Jul. 31, 2025

  • 6.7

    MEDIUM
    CVE-2025-20278

    A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due... Read more

    • Published: Jun. 04, 2025
    • Modified: Jul. 31, 2025

  • 8.8

    HIGH
    CVE-2024-10954

    In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This ... Read more

    Affected Products : gpt_academic
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2024-10955

    A Regular Expression Denial of Service (ReDoS) vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The server uses the regex pattern `r'<[^>]+>'` to parse user input. In Python's default regex engine, this pattern can take polynomial... Read more

    Affected Products : chuanhuchatgpt
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2024-11037

    A path traversal vulnerability exists in binary-husky/gpt_academic at commit 679352d, which allows an attacker to bypass the blocked_paths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerabili... Read more

    Affected Products : gpt_academic
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2024-11041

    vllm-project vllm version v0.6.2 contains a vulnerability in the MessageQueue.dequeue() API function. The function uses pickle.loads to parse received sockets directly, leading to a remote code execution vulnerability. An attacker can exploit this by send... Read more

    Affected Products : vllm vllm
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 7.5

    HIGH
    CVE-2024-12376

    A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise in... Read more

    Affected Products : fastchat
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2024-12387

    A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The server decompresses the uploaded file and attempts to load it into memory, which c... Read more

    Affected Products : gpt_academic
    • Published: Mar. 20, 2025
    • Modified: Jul. 31, 2025

  • 7.7

    HIGH
    CVE-2025-1254

    Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before ... Read more

    Affected Products : connext_professional
    • Published: May. 08, 2025
    • Modified: Jul. 31, 2025

  • 8.4

    HIGH
    CVE-2024-56131

    Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.... Read more

    • Published: Feb. 05, 2025
    • Modified: Jul. 31, 2025

  • 8.4

    HIGH
    CVE-2024-56132

    Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.... Read more

    • Published: Feb. 05, 2025
    • Modified: Jul. 31, 2025
Showing 20 of 291058 Results