Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2024-7046

    An improper access control vulnerability in open-webui/open-webui v0.3.8 allows an attacker to view admin details. The application does not verify whether the attacker is an administrator, allowing the attacker to directly call the /api/v1/auths/admin/det... Read more

    Affected Products : open_webui
    • Published: Mar. 20, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authorization

  • 6.8

    MEDIUM
    CVE-2019-8900

    A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. This vulnerability allows arbitrary code to be executed on the device. Exploiting the vulner... Read more

    Affected Products : securerom a10_fusion a10x_fusion a11_bionic a5 a5x a6 a6x a7 a8 +3 more products
    • Published: Feb. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2018-4301

    This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp.... Read more

    Affected Products : smart_card_services
    • Published: Jan. 08, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-50062

    Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core). Supported versions that are affected are 9.2.51 and 9.2.52. Easily exploitable vulnerability allows low privileged atta... Read more

    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authentication

  • 5.3

    MEDIUM
    CVE-2025-30758

    Vulnerability in the Siebel CRM End User product of Oracle Siebel CRM (component: User Interface). Supported versions that are affected are 25.0-25.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro... Read more

    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Information Disclosure

  • 2.4

    LOW
    CVE-2025-30750

    Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with net... Read more

    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authorization

  • 6.1

    MEDIUM
    CVE-2025-30745

    Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Supported versions that are affected are 12.2.12-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ... Read more

    Affected Products : mes_for_process_manufacturing
    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authentication

  • 8.1

    HIGH
    CVE-2025-30743

    Vulnerability in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Internal Operations). The supported version that is affected is 12.2.13. Easily exploitable vulnerability allows low privileged attacker with network... Read more

    Affected Products : lease_and_finance_management
    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-30739

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.2.11-12.2.13. Easily exploitable vulnerability allows high privileged attacker with network acce... Read more

    Affected Products : crm_technical_foundation
    • Published: Jul. 15, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Authorization

  • 7.3

    HIGH
    CVE-2024-12756

    An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user.... Read more

    Affected Products : spaces
    • Published: Feb. 11, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.9

    HIGH
    CVE-2024-12755

    A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unauthorized code execution and potential disclose of sensitive information.... Read more

    Affected Products : spaces
    • Published: Feb. 11, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.4

    HIGH
    CVE-2024-27260

    IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985.... Read more

    Affected Products : aix vios
    • Published: May. 16, 2024
    • Modified: Jul. 29, 2025

  • 7.8

    HIGH
    CVE-2025-7231

    INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vul... Read more

    Affected Products : vt-designer vt_designer
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7230

    INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerab... Read more

    Affected Products : vt-designer vt_designer
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7229

    INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vul... Read more

    Affected Products : vt-designer vt_designer
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.2

    HIGH
    CVE-2025-8158

    A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared as critical. This vulnerability affects unknown code of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection.... Read more

    • Published: Jul. 25, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-7228

    INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vul... Read more

    Affected Products : vt-designer vt_designer
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.2

    HIGH
    CVE-2025-8157

    A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3. It has been classified as critical. This affects an unknown part of the file /admin/lastthirtyays-reg-users.php. The manipulation of the argument ID leads to sql in... Read more

    • Published: Jul. 25, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-7227

    INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vul... Read more

    Affected Products : vt-designer vt_designer
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7226

    INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT HMITool. User interaction is required to exploit this vulnerabili... Read more

    Affected Products : hmitool
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292811 Results