Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.3

    HIGH
    CVE-2025-24042

    Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability... Read more

    Affected Products : visual_studio_code vscode-js-debug
    • Published: Feb. 11, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-6580

    A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to launch th... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 7.3

    HIGH
    CVE-2025-24039

    Visual Studio Code Elevation of Privilege Vulnerability... Read more

    Affected Products : visual_studio_code
    • Published: Feb. 11, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-6581

    A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The manipulation of the argument name/email/mobilenum/gender/det... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-6582

    A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid lea... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 25, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-6583

    A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of the argument viewid leads to sql injection. It is possible... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 25, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2025-6613

    A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. The manipulation of the argument Name leads to cross site ... Read more

    • Published: Jun. 25, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.6

    HIGH
    CVE-2023-36052

    Azure CLI REST Command Information Disclosure Vulnerability... Read more

    • Published: Nov. 14, 2023
    • Modified: Jul. 02, 2025

  • 7.8

    HIGH
    CVE-2025-24046

    Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Mar. 11, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-6604

    A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argument Name leads to sql injection. It is possible to initia... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 25, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2025-30719

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle ... Read more

    Affected Products : vm_virtualbox
    • Published: Apr. 15, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-6605

    A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can ... Read more

    Affected Products : best_salon_management_system
    • Published: Jun. 25, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-21532

    Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure wher... Read more

    Affected Products : analytics_desktop
    • Published: Jan. 21, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-49851

    ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper Authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product.... Read more

    Affected Products : control_id_idsecure
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authentication

  • 8.7

    HIGH
    CVE-2025-49852

    ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers.... Read more

    Affected Products : control_id_idsecure
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.3

    CRITICAL
    CVE-2025-49853

    ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries.... Read more

    Affected Products : control_id_idsecure
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-30717

    Vulnerability in the Oracle Teleservice product of Oracle E-Business Suite (component: Service Diagnostics Scripts). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network acc... Read more

    Affected Products : teleservice
    • Published: Apr. 15, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authentication

  • 5.4

    MEDIUM
    CVE-2025-30718

    Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with net... Read more

    Affected Products : applications_framework
    • Published: Apr. 15, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Authorization

  • 10.0

    CRITICAL
    CVE-2025-46828

    WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue ... Read more

    Affected Products : wegia
    • Published: May. 07, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-43591

    Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability... Read more

    • Published: Oct. 08, 2024
    • Modified: Jul. 02, 2025
Showing 20 of 293656 Results