Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2019-15002

    An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account.... Read more

    Affected Products : jira_server jira_data_center
    • Published: Feb. 11, 2025
    • Modified: Jul. 30, 2025

  • 4.3

    MEDIUM
    CVE-2023-20094

    A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attac... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 30, 2025

  • 4.4

    MEDIUM
    CVE-2023-20093

    Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on ... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 30, 2025

  • 8.8

    HIGH
    CVE-2025-8040

    Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrar... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 9.8

    CRITICAL
    CVE-2025-8038

    Firefox ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 8.1

    HIGH
    CVE-2025-8036

    Firefox cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 8.8

    HIGH
    CVE-2025-8035

    Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of the... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 8.8

    HIGH
    CVE-2025-8034

    Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enoug... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 8.1

    HIGH
    CVE-2025-8029

    Firefox executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 30, 2025

  • 7.4

    HIGH
    CVE-2024-26153

    All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request forgery (CSRF). An external attacker with no access to the device can force the end user into submitting a "setconf" method request, not requir... Read more

    Affected Products : remote_access_server_firmware
    • Published: Jan. 17, 2025
    • Modified: Jul. 30, 2025

  • 6.4

    MEDIUM
    CVE-2024-21703

    This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations. This Security Misconfiguration vulnerability, with a CVSS Score of 6.4 allows an authenticated ... Read more

    • Published: Nov. 27, 2024
    • Modified: Jul. 30, 2025

  • 6.1

    MEDIUM
    CVE-2024-26154

    All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting in the appliance site name. The ETIC RAS web server saves the site name and then presents it to the administrators in a few differen... Read more

    Affected Products : remote_access_server_firmware
    • Published: Jan. 17, 2025
    • Modified: Jul. 30, 2025

  • 6.8

    MEDIUM
    CVE-2022-20793

    A vulnerability in pairing process of Cisco&nbsp;TelePresence CE Software and RoomOS Software for Cisco&nbsp;Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulner... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 30, 2025

  • 8.6

    HIGH
    CVE-2024-26155

    All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection ... Read more

    Affected Products : remote_access_server_firmware
    • Published: Jan. 17, 2025
    • Modified: Jul. 30, 2025

  • 7.1

    HIGH
    CVE-2025-54134

    HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and below, the HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnera... Read more

    Affected Products : haxcms-php haxcms-nodejs
    • Published: Jul. 21, 2025
    • Modified: Jul. 30, 2025

  • 7.2

    HIGH
    CVE-2025-54128

    HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.7 and below, the NodeJS version of HAX CMS has a disabled Content Security Policy (CSP). This configuration is insecure for a production application bec... Read more

    Affected Products : haxcms-php haxcms-nodejs
    • Published: Jul. 21, 2025
    • Modified: Jul. 30, 2025

  • 9.8

    CRITICAL
    CVE-2025-54127

    HAXcms with nodejs backend allows users to start the server in any HAXsite or HAXcms instance. In versions 11.0.6 and below, the NodeJS version of HAXcms uses an insecure default configuration designed for local development. The default configuration does... Read more

    Affected Products : haxcms-php haxcms-nodejs
    • Published: Jul. 21, 2025
    • Modified: Jul. 30, 2025

  • 6.1

    MEDIUM
    CVE-2024-26156

    All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and ref... Read more

    Affected Products : remote_access_server_firmware
    • Published: Jan. 17, 2025
    • Modified: Jul. 30, 2025

  • 7.8

    HIGH
    CVE-2020-17159

    Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability... Read more

    • EPSS Score: %3.54
    • Published: Dec. 10, 2020
    • Modified: Jul. 30, 2025

  • 9.3

    HIGH
    CVE-2021-27084

    Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability... Read more

    Affected Products : visual_studio_code maven_for_java
    • EPSS Score: %14.42
    • Published: Mar. 11, 2021
    • Modified: Jul. 30, 2025
Showing 20 of 291024 Results