Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    CRITICAL
    CVE-2025-21198

    Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025

  • 7.1

    HIGH
    CVE-2025-21194

    Microsoft Surface Security Feature Bypass Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-21190

    Windows Telephony Service Remote Code Execution Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Authentication

  • 6.0

    MEDIUM
    CVE-2025-21188

    Azure Network Watcher VM Extension Elevation of Privilege Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Authorization

  • 7.0

    HIGH
    CVE-2025-21184

    Windows Core Messaging Elevation of Privileges Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Authorization

  • 7.4

    HIGH
    CVE-2025-21183

    Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Feb. 11, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Authorization

  • 7.4

    HIGH
    CVE-2025-21182

    Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Feb. 11, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-21181

    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability... Read more

    • Published: Feb. 11, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Denial of Service

  • 4.8

    MEDIUM
    CVE-2025-21179

    DHCP Client Service Denial of Service Vulnerability... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Feb. 11, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-21163

    Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vict... Read more

    Affected Products : illustrator
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21162

    Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requ... Read more

    Affected Products : macos photoshop_elements
    • Published: Feb. 11, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-21161

    Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more

    Affected Products : substance_3d_designer
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21160

    Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in... Read more

    Affected Products : illustrator
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21159

    Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open ... Read more

    Affected Products : illustrator
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21156

    InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that... Read more

    Affected Products : incopy
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21155

    Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-s... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Feb. 11, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2019-15002

    An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account.... Read more

    Affected Products : jira_server jira_data_center
    • Published: Feb. 11, 2025
    • Modified: Jul. 30, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 8.1

    HIGH
    CVE-2025-24472

    An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstre... Read more

    Affected Products : fortios fortiproxy
    • Actively Exploited
    • Published: Feb. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authentication

  • 8.6

    HIGH
    CVE-2025-24470

    An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests.... Read more

    Affected Products : fortiportal
    • Published: Feb. 11, 2025
    • Modified: Jul. 22, 2025
    • Vuln Type: Path Traversal

  • 7.9

    HIGH
    CVE-2025-22399

    Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Server-Side Request Forgery
Showing 20 of 291638 Results