Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2025-37106

    An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18....

    Affected Products : autopass_license_server
    • Published: Jul. 16, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 9.8

    CRITICAL
    CVE-2025-37105

    An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18....

    Affected Products : autopass_license_server
    • Published: Jul. 16, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration
  • 5.3

    MEDIUM
    CVE-2025-22251

    An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized session...

    Affected Products : fortios
    • Published: Jun. 10, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 6.5

    MEDIUM
    CVE-2024-54019

    An improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allows an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirec...

    Affected Products : forticlient
    • Published: Jun. 10, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration
  • 5.9

    MEDIUM
    CVE-2024-50568

    A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated a...

    Affected Products : fortios fortiproxy
    • Published: Jun. 10, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 4.8

    MEDIUM
    CVE-2024-50562

    An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN p...

    Affected Products : fortios fortipam fortisase
    • Published: Jun. 10, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 7.5

    HIGH
    CVE-2024-50565

    An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiProxy ve...

    • Published: Apr. 08, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 7.5

    HIGH
    CVE-2024-26013

    An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7...

    • Published: Apr. 08, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authentication
  • 8.8

    HIGH
    CVE-2025-32462

    Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines....

    Affected Products : sudo
    • Published: Jun. 30, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Authorization
  • 6.1

    MEDIUM
    CVE-2024-5492

    Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway...

    • Published: Jul. 10, 2024
    • Modified: Jul. 25, 2025
  • 7.5

    HIGH
    CVE-2024-5491

    Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler...

    • Published: Jul. 10, 2024
    • Modified: Jul. 25, 2025
  • 4.8

    MEDIUM
    CVE-2023-48785

    An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an invent...

    Affected Products : fortinac-f
    • Published: Mar. 14, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration
  • 6.1

    MEDIUM
    CVE-2024-6149

    Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5...

    Affected Products : workspace
    • Published: Jul. 10, 2024
    • Modified: Jul. 25, 2025
  • 9.0

    HIGH
    CVE-2025-7908

    A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffe...

    Affected Products : di-8100_firmware di-8100
    • Published: Jul. 20, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
  • 9.0

    HIGH
    CVE-2025-7909

    A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to...

    Affected Products : dir-513_firmware dir-513
    • Published: Jul. 20, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
  • 9.0

    HIGH
    CVE-2025-7910

    A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer ove...

    Affected Products : dir-513_firmware dir-513
    • Published: Jul. 20, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
  • 7.8

    HIGH
    CVE-2024-20326

    A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is ...

    • Published: May. 16, 2024
    • Modified: Jul. 25, 2025
  • 7.8

    HIGH
    CVE-2025-7240

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ...

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
  • 7.8

    HIGH
    CVE-2025-7239

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ...

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
  • 7.8

    HIGH
    CVE-2025-7238

    IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required t...

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293350 Results