Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.1

HIGH

CVE-2025-48819

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Information Disclosure
7.8

HIGH

CVE-2025-48820

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authorization
7.1

HIGH

CVE-2025-48821

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Memory Corruption
8.6

HIGH

CVE-2025-48822

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Memory Corruption
5.9

MEDIUM

CVE-2025-48823

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Cryptography
5.5

MEDIUM

CVE-2025-48808

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Information Disclosure
5.5

MEDIUM

CVE-2025-48810

Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally....

Affected Products : windows_11_24h2 windows_server_2025
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Information Disclosure
5.5

MEDIUM

CVE-2025-48809

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally....

Affected Products : windows_11_24h2 windows_server_2025
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Information Disclosure
6.7

MEDIUM

CVE-2025-48811

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-48799

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_11_24h2 windows_server_2025
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authorization
6.8

MEDIUM

CVE-2025-48800

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025
6.5

MEDIUM

CVE-2025-48802

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network....

Affected Products : windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Misconfiguration
9.8

CRITICAL

CVE-2025-7471

A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. T...

Affected Products : modern_bag
Published: Jul. 12, 2025

Modified: Jul. 15, 2025

Vuln Type: Injection
6.7

MEDIUM

CVE-2025-48803

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authorization
6.8

MEDIUM

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Memory Corruption
5.5

MEDIUM

CVE-2025-21005

Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information....

Affected Products : android
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Authorization
6.8

MEDIUM

CVE-2025-47999

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Denial of Service
7.8

HIGH

CVE-2025-48000

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 +3 more products
Published: Jul. 08, 2025

Modified: Jul. 15, 2025

Vuln Type: Memory Corruption

Showing 20 of 291722 Results

1
...
504
505
506
507
508
509
510
...
14587

Latest CVE Feed

7.1

7.8

7.1

8.6

5.9

5.5

5.5

5.5

6.7

7.8

6.8

6.5

9.8

6.7

6.8

7.8

7.8

5.5

6.8

7.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable