Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-25570

    Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2024-38292

    In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation.... Read more

    Affected Products : xiq-se
    • Published: Feb. 27, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Path Traversal

  • 8.8

    HIGH
    CVE-2024-38291

    In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation.... Read more

    Affected Products : xiq-se
    • Published: Feb. 27, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2024-38290

    In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met.... Read more

    Affected Products : xiq-se
    • Published: Feb. 27, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2024-55160

    GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list.... Read more

    Affected Products : gfast
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-51139

    Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 ... Read more

    • Published: Feb. 27, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-51138

    Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earl... Read more

    • Published: Feb. 27, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2024-41340

    An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2... Read more

    • Published: Feb. 27, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2024-41339

    An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vi... Read more

    • Published: Feb. 27, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2024-41338

    A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4... Read more

    • Published: Feb. 27, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-41336

    Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 pri... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Cryptography

  • 7.5

    HIGH
    CVE-2024-41335

    Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 pri... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2024-41334

    Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 pri... Read more

    • Published: Feb. 27, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-22952

    elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.... Read more

    Affected Products : memos
    • Published: Feb. 27, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Server-Side Request Forgery

  • 5.5

    MEDIUM
    CVE-2025-21824

    In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of uninitialized mutex leading to below warning when CONFIG... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21823

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21822

    In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set driver data before its usage If vmclock_ptp_register() fails during probing, vmclock_remove() is called to clean up the ptp clock and misc device. It uses dev_get_drvd... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21821

    In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Mod... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-21820

    In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ========================... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21819

    In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with tw... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 292818 Results