Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2025-25248

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versi...

Affected Products : fortios fortiproxy fortipam
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Denial of Service
6.5

MEDIUM

CVE-2024-52964

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9 and below 7.0.13 & FortiManager Cloud version 7.6.0 thr...

Affected Products : fortimanager fortimanager_cloud
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Path Traversal
6.8

MEDIUM

CVE-2024-48892

A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack....

Affected Products : fortisoar
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Path Traversal
4.4

MEDIUM

CVE-2024-40588

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCamera ...

Affected Products : fortimail fortivoice fortindr fortirecorder forticamera forticamera_firmware forticamera
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2024-26009

An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version...

Affected Products : fortios fortiswitchmanager fortiproxy fortipam
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Authentication
7.2

HIGH

CVE-2023-45584

A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and befo...

Affected Products : fortios fortiproxy fortipam
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Memory Corruption
7.5

HIGH

CVE-2025-53793

Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network....

Affected Products : azure_stack_hub azure_stack_hub_2501 azure_stack_hub_2408 azure_stack_hub_2406
Published: Aug. 12, 2025

Modified: Aug. 18, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-53789

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +4 more products
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Authentication
7.0

HIGH

CVE-2025-53788

Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally....

Affected Products : windows_subsystem_for_linux
Published: Aug. 12, 2025

Modified: Aug. 18, 2025

Vuln Type: Race Condition
8.4

HIGH

CVE-2025-53784

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally....

Affected Products : 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2024 office_2021
Published: Aug. 12, 2025

Modified: Aug. 18, 2025

Vuln Type: Memory Corruption
7.5

HIGH

CVE-2025-53783

Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network....

Affected Products : teams
Published: Aug. 12, 2025

Modified: Aug. 13, 2025

Vuln Type: Memory Corruption
7.7

HIGH

CVE-2025-53781

Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network....

Affected Products : dcadsv5_series_azure_vm nccadsh100v5_series_azure_vm ecadsv5_series_azure_vm dcesv5_series_azure_vm dcasv5_series_azure_vm ecasv5_series_azure_vm ecedsv5_series_azure_vm ecesv5_series_azure_vm dcedsv5_series_azure_vm
Published: Aug. 12, 2025

Modified: Aug. 13, 2025

Vuln Type: Information Disclosure
7.2

HIGH

CVE-2025-53779

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network....

Affected Products : windows_server_2025
Published: Aug. 12, 2025

Modified: Aug. 18, 2025

Vuln Type: Path Traversal
8.8

HIGH

CVE-2025-53778

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Aug. 12, 2025

Modified: Aug. 15, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-53773

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally....

Affected Products : visual_studio_2022
Published: Aug. 12, 2025

Modified: Aug. 15, 2025

Vuln Type: Injection
8.8

HIGH

CVE-2025-53772

Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network....

Affected Products : web_deploy web_deploy_4.0
Published: Aug. 12, 2025

Modified: Aug. 15, 2025

Vuln Type: Authentication
5.5

MEDIUM

CVE-2025-53769

External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally....

Affected Products : windows_security_app
Published: Aug. 12, 2025

Modified: Aug. 15, 2025

Vuln Type: Path Traversal
9.8

CRITICAL

CVE-2025-53766

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 office windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +10 more products
Published: Aug. 12, 2025

Modified: Aug. 14, 2025

Vuln Type: Memory Corruption
5.5

MEDIUM

CVE-2025-53765

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally....

Affected Products : azure_stack_hub azure_app_service_on_azure_stack
Published: Aug. 12, 2025

Modified: Aug. 18, 2025

Vuln Type: Information Disclosure
7.8

HIGH

CVE-2025-53761

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally....

Affected Products : office 365_apps powerpoint office_long_term_servicing_channel office_2024 office_2021 office_2019 powerpoint_2016
Published: Aug. 12, 2025

Modified: Aug. 15, 2025

Vuln Type: Memory Corruption

Showing 20 of 291589 Results

1
...
107
108
109
110
111
112
113
...
14580

Latest CVE Feed

6.5

6.5

6.8

4.4

8.1

7.2

7.5

7.8

7.0

8.4

7.5

7.7

7.2

8.8

7.8

8.8

5.5

9.8

5.5

7.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable