Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-43187

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.... Read more

    • Published: Feb. 04, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Cryptography

  • 3.5

    LOW
    CVE-2025-49462

    Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access.... Read more

    Affected Products : zoom
    • Published: Jul. 10, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Information Disclosure

  • 6.1

    MEDIUM
    CVE-2024-40700

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality... Read more

    • Published: Feb. 04, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-49463

    Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access.... Read more

    Affected Products : zoom
    • Published: Jul. 10, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2024-45659

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the syste... Read more

    • Published: Feb. 04, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-49464

    Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a denial of service via network access.... Read more

    Affected Products : zoom
    • Published: Jul. 10, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Denial of Service

  • 6.8

    MEDIUM
    CVE-2024-39826

    Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.5

    MEDIUM
    CVE-2025-30665

    NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: May. 14, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-39827

    Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.5

    MEDIUM
    CVE-2025-30666

    NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: May. 14, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Denial of Service

  • 9.1

    CRITICAL
    CVE-2025-46788

    Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.... Read more

    Affected Products : workplace_desktop
    • Published: Jul. 10, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Information Disclosure

  • 7.1

    HIGH
    CVE-2024-27238

    Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 7.8

    HIGH
    CVE-2024-27240

    Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 7.3

    HIGH
    CVE-2024-39819

    Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.... Read more

    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.6

    MEDIUM
    CVE-2024-39820

    Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 6.6

    MEDIUM
    CVE-2024-39821

    Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access.... Read more

    Affected Products : rooms workplace_desktop
    • Published: Jul. 15, 2024
    • Modified: Aug. 05, 2025

  • 4.3

    MEDIUM
    CVE-2021-1410

    A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authori... Read more

    Affected Products : webex_meetings
    • Published: Nov. 18, 2024
    • Modified: Aug. 05, 2025

  • 7.5

    HIGH
    CVE-2021-1132

    A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management inte... Read more

    Affected Products : network_services_orchestrator
    • Published: Nov. 18, 2024
    • Modified: Aug. 05, 2025

  • 4.4

    MEDIUM
    CVE-2025-7738

    A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations.... Read more

    Affected Products :
    • Published: Jul. 31, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Misconfiguration

  • 5.9

    MEDIUM
    CVE-2025-30761

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. ... Read more

    Affected Products : jdk jre graalvm java_se
    • Published: Jul. 15, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authorization
Showing 20 of 291368 Results