Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.2

    HIGH
    CVE-2025-53024

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracl... Read more

    Affected Products : vm_virtualbox
    • Published: Jul. 15, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authorization

  • 6.0

    MEDIUM
    CVE-2025-53025

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracl... Read more

    Affected Products : vm_virtualbox
    • Published: Jul. 15, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authorization

  • 10.0

    CRITICAL
    CVE-2025-2828

    A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This... Read more

    Affected Products : langchain
    • Published: Jun. 23, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.0

    HIGH
    CVE-2025-6614

    A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Jun. 25, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-6627

    A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit... Read more

    Affected Products : a702r_firmware a702r
    • Published: Jun. 25, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-7154

    A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the function sub_41A0F8 of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Hostname... Read more

    Affected Products : n200re_firmware n200re
    • Published: Jul. 08, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 6.2

    MEDIUM
    CVE-2025-21002

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-21003

    Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-20971

    Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.... Read more

    Affected Products : flow
    • Published: May. 07, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-20977

    Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : notes
    • Published: May. 07, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 9.0

    HIGH
    CVE-2025-5969

    A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Request Handler. The manipulation leads to stack-based buf... Read more

    Affected Products : dir-632_firmware dir-632
    • Published: Jun. 10, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-50756

    Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.... Read more

    Affected Products :
    • Published: Jul. 14, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2024-42648

    NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.... Read more

    Affected Products : nanomq
    • Published: Jul. 14, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-42646

    A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.... Read more

    Affected Products : nanomq
    • Published: Jul. 14, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Denial of Service

  • 7.2

    HIGH
    CVE-2025-24286

    A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.... Read more

    Affected Products : veeam_backup_\&_replication
    • Published: Jun. 19, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-22460

    Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.... Read more

    • Published: May. 13, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-22462

    An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system.... Read more

    Affected Products : neurons_for_itsm
    • Published: May. 13, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authentication

  • 6.8

    MEDIUM
    CVE-2025-29627

    An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module... Read more

    Affected Products : keeperchat
    • Published: Jun. 09, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authentication

  • 9.3

    CRITICAL
    CVE-2025-25034

    A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the rest... Read more

    Affected Products : sugarcrm
    • Published: Jun. 20, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2024-42649

    NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.... Read more

    Affected Products : nanomq
    • Published: Jul. 14, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291551 Results