Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.7

    MEDIUM
    CVE-2025-40774

    A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications store user passwords encrypted in its database. Decryption keys are accessible to users with administrative privileges, allowing them to recover p... Read more

    Affected Products : sipass_integrated
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Cryptography

  • 7.8

    HIGH
    CVE-2025-40809

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT fil... Read more

    Affected Products : solid_edge_se2024 solid_edge_se2025
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-40810

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT fil... Read more

    Affected Products : solid_edge_se2024 solid_edge_se2025
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-40811

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT file... Read more

    Affected Products : solid_edge_se2024 solid_edge_se2025
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-40812

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT file... Read more

    Affected Products : solid_edge_se2024 solid_edge_se2025
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-11716

    Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox < 144 and Thunderbird < 144.... Read more

    Affected Products : android firefox thunderbird
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Misconfiguration

  • 7.2

    HIGH
    CVE-2025-47856

    Two improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiVoice version 7.2.0, 7.0.0 through 7.0.6 and before 6.4.10 allows a privileged attacker to execute arbitrary code or c... Read more

    Affected Products : fortivoice
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-20724

    In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418894; Is... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2023-46718

    A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or comm... Read more

    Affected Products : fortios fortiproxy
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-11623

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62383

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62385

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62386

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62387

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62388

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62389

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62390

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62391

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62392

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-62384

    SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.... Read more

    Affected Products : endpoint_manager
    • Published: Oct. 13, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Injection
Showing 20 of 3685 Results