Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-6278

    A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been dis... Read more

    Affected Products : upsonic
    • Published: Jun. 19, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Path Traversal

  • 8.0

    HIGH
    CVE-2025-6279

    A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploi... Read more

    Affected Products : upsonic
    • Published: Jun. 19, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-49564

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-49565

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-22398

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, lead... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.3

    HIGH
    CVE-2025-24382

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, lead... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2025-24383

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to de... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-49601

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, lead... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-23383

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-24377

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-24378

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-24379

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 6.7

    MEDIUM
    CVE-2024-10019

    A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry) allows for path traversal and OS command injection. The function does not properly sanitize the `app_name` parameter, enabling an attacker to upload a malicious `... Read more

    Affected Products : lollms_web_ui
    • Published: Mar. 20, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Path Traversal

  • 7.8

    HIGH
    CVE-2025-24380

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-24381

    Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user bein... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-24385

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-24386

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-27729

    Use after free in Windows Shell allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27728

    Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Apr. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27727

    Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Authorization
Showing 20 of 293617 Results