Latest CVE Feed
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of
the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable.
You can also sort the list based on the published date, last updated date, or CVSS score.
-
8.1
HIGHCVE-2025-42615
In affected versions, vulnerability-lookup did not track or limit failed One-Time Password (OTP) attempts during Two-Factor Authentication (2FA) verification. An attacker who already knew or guessed a valid username and password could submit an arbitra... Read more
Affected Products :- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Authentication
-
6.9
MEDIUMCVE-2025-14253
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files.... Read more
Affected Products : vitals_enterprise_social_platform- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Path Traversal
-
0.0
NACVE-2023-53755
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exer... Read more
Affected Products : linux_kernel- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Memory Corruption