Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-43059

    Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43057

    Memory corruption while processing command in Glink linux.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-43056

    Transient DOS during hypervisor virtual I/O operation in a virtual machine.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-43055

    Memory corruption while processing camera use case IOCTL call.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-43051

    Information disclosure while deriving keys for a session for any Widevine use case.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Cryptography

  • 5.4

    MEDIUM
    CVE-2024-38426

    While processing the authentication message in UE, improper authentication may lead to information disclosure.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2024-24778

    Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was know. This issue affects Apache StreamPipes: through 0.95.1. Users are recommended to upgrade to version 0.97.0 which... Read more

    Affected Products : streampipes
    • Published: Mar. 03, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2024-10925

    A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows a Guest user to read Security policy YAML... Read more

    Affected Products : gitlab
    • Published: Mar. 03, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Information Disclosure

  • 5.4

    MEDIUM
    CVE-2024-8186

    An issue has been discovered in GitLab CE/EE affecting all versions from 16.6 before 17.7.6, 17.8 before 17.8.4, and 17.9 before 17.9.1. An attacker could inject HMTL into the child item search potentially leading to XSS in certain situations.... Read more

    Affected Products : gitlab
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-25280

    Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device ... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-24846

    Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sen... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-24654

    Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.05.... Read more

    Affected Products : seo_plugin_by_squirrly_seo
    • Published: Mar. 03, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Authorization

  • 10.0

    CRITICAL
    CVE-2025-1867

    Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3.... Read more

    Affected Products : libhv
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Misconfiguration

  • 10.0

    CRITICAL
    CVE-2025-1866

    Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    CRITICAL
    CVE-2025-1864

    Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.... Read more

    Affected Products : radare2
    • Published: Mar. 03, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-1859

    A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. The manipulation of the argument id leads to sql injection. The attack may be initiated rem... Read more

    Affected Products : news_portal news_portal_project
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-1858

    A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. T... Read more

    Affected Products : online_shopping_website
    • Published: Mar. 03, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-1857

    A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. It is poss... Read more

    • Published: Mar. 03, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-1856

    A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/gen_invoice.php. The manipulation of the argument id leads to sql injection. ... Read more

    Affected Products : gym_management_system
    • Published: Mar. 03, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Injection

  • 8.1

    HIGH
    CVE-2025-1723

    Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only have the potential to exploit this bug.... Read more

    Affected Products : manageengine_adselfservice_plus
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Authentication
Showing 20 of 292892 Results