Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2021-47636

    In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() Function ubifs_wbuf_write_nolock() may access buf out of bounds in following process: ubifs_wbuf_write_nolock(): aligned_le... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2021-47635

    In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix to add refcount once page is set private MM defined the rule [1] very clearly that once page was set with PG_private flag, we should increment the refcount in that page, also... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2021-47634

    In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Hulk Robot reported a KASAN report about use-after-free: ============================================================... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2021-47633

    In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2021-47632

    In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr() Commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") included a spin_lock() to change_page_attr() in or... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2021-47631

    In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmett... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Misconfiguration

  • 4.3

    MEDIUM
    CVE-2025-1091

    A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known.... Read more

    Affected Products :
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Authorization

  • 2.7

    LOW
    CVE-2025-0760

    A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.... Read more

    Affected Products :
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2024-30150

    HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticate... Read more

    Affected Products :
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-25521

    Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-25520

    Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-25519

    Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-25517

    Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-25516

    Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-25515

    Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-25514

    Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php.... Read more

    Affected Products : seacms
    • Published: Feb. 25, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Injection

  • 3.4

    LOW
    CVE-2025-22211

    A SQL injection vulnerability in the JoomShopping component versions 1.0.0-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the country management area in backend.... Read more

    Affected Products : joomshopping
    • Published: Feb. 25, 2025
    • Modified: Apr. 09, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-0514

    Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before < 24.8.5.... Read more

    Affected Products : libreoffice
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-27148

    Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within i... Read more

    Affected Products : gradle
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Misconfiguration

  • 2.8

    LOW
    CVE-2024-53879

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291573 Results