Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.2

    MEDIUM
    CVE-2024-52897

    IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.... Read more

    • Published: Dec. 19, 2024
    • Modified: Aug. 19, 2025

  • 7.5

    HIGH
    CVE-2024-3651

    A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequentl... Read more

    • Published: Jul. 07, 2024
    • Modified: Aug. 19, 2025

  • 8.1

    HIGH
    CVE-2024-58087

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy issue with session expire.... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: Aug. 19, 2025

  • 6.5

    MEDIUM
    CVE-2025-46785

    Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: May. 14, 2025
    • Modified: Aug. 19, 2025

  • 7.5

    HIGH
    CVE-2025-2900

    IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES... Read more

    Affected Products : semeru_runtime
    • Published: May. 14, 2025
    • Modified: Aug. 19, 2025

  • 6.5

    MEDIUM
    CVE-2025-38745

    Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, ... Read more

    Affected Products : openmanage_enterprise
    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 6.2

    MEDIUM
    CVE-2025-54409

    AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attribut... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 6.2

    MEDIUM
    CVE-2025-54389

    AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or remo... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 7.8

    HIGH
    CVE-2025-8964

    A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostel_manage.exe of the component Login. The manipulation leads to improper authentication. It is possible to launch the attack on the ... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 7.8

    HIGH
    CVE-2025-8962

    A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buff... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 5.6

    MEDIUM
    CVE-2025-23084

    A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path,... Read more

    Affected Products : node.js windows
    • Published: Jan. 28, 2025
    • Modified: Aug. 19, 2025

  • 9.0

    HIGH
    CVE-2025-8940

    A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched rem... Read more

    Affected Products : ac20_firmware ac20
    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 9.0

    HIGH
    CVE-2025-8939

    A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The explo... Read more

    Affected Products : ac20_firmware ac20
    • Published: Aug. 14, 2025
    • Modified: Aug. 19, 2025

  • 8.2

    HIGH
    CVE-2025-6297

    It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files ... Read more

    Affected Products : dpkg
    • Published: Jul. 01, 2025
    • Modified: Aug. 19, 2025

  • 7.5

    HIGH
    CVE-2025-0149

    Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.... Read more

    • Published: Mar. 11, 2025
    • Modified: Aug. 19, 2025

  • 7.8

    HIGH
    CVE-2025-25175

    A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). The affected application contains a memory corruption vulnerability while parsing specially crafted .NEU files. T... Read more

    Affected Products : simcenter_femap
    • Published: Mar. 13, 2025
    • Modified: Aug. 19, 2025

  • 7.5

    HIGH
    CVE-2023-4458

    A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage thi... Read more

    Affected Products : linux_kernel
    • Published: Nov. 14, 2024
    • Modified: Aug. 19, 2025

  • 6.5

    MEDIUM
    CVE-2024-45556

    Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.... Read more

    • Published: Apr. 07, 2025
    • Modified: Aug. 19, 2025

  • 7.8

    HIGH
    CVE-2024-45557

    Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.... Read more

    • Published: Apr. 07, 2025
    • Modified: Aug. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-52927

    In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some s... Read more

    Affected Products : linux_kernel
    • Published: Mar. 14, 2025
    • Modified: Aug. 19, 2025
Showing 20 of 290978 Results