Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2024-48854

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec....

Affected Products : qnx_software_development_platform
Published: Jan. 14, 2025

Modified: Jan. 21, 2025

Vuln Type: Information Disclosure
6.5

MEDIUM

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated a...

Affected Products :
Published: Jan. 14, 2025

Modified: Jan. 14, 2025

Vuln Type: Cross-Site Scripting
7.2

HIGH

CVE-2025-23052

Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operati...

Affected Products :
Published: Jan. 14, 2025

Modified: Jan. 23, 2025

Vuln Type: Injection
7.2

HIGH

CVE-2025-23051

An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary sys...

Affected Products :
Published: Jan. 14, 2025

Modified: Jan. 23, 2025

Vuln Type: Injection
9.0

CRITICAL

CVE-2025-23025

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was **experimental**, and thus **not recommended**, in the versions affected by this vulnerability. It has...

Affected Products : xwiki
Published: Jan. 14, 2025

Modified: May. 13, 2025

Vuln Type: Authorization
7.5

HIGH

CVE-2025-21607

Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the precompiles EcRecover (0x1) and Identity (0x4), the success flag of the call is not checked. As a consequence an attacker can provide a specific amount of gas to mak...

Affected Products : vyper
Published: Jan. 14, 2025

Modified: Apr. 24, 2025

Vuln Type: Misconfiguration
8.8

HIGH

CVE-2025-21417

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 16, 2025

Vuln Type: Authentication
8.8

HIGH

CVE-2025-21413

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 16, 2025

Vuln Type: Authentication
8.8

HIGH

CVE-2025-21411

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 16, 2025

Vuln Type: Authentication
8.8

HIGH

CVE-2025-21409

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 16, 2025

Vuln Type: Misconfiguration
7.3

HIGH

CVE-2025-21405

Visual Studio Elevation of Privilege Vulnerability...

Affected Products : visual_studio visual_studio_2022
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Authorization
6.4

MEDIUM

CVE-2025-21403

On-Premises Data Gateway Information Disclosure Vulnerability...

Affected Products : on-prem_data_gateway sap_hana_enabled_sso_for_onpremises_data_gateway
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Information Disclosure
7.8

HIGH

CVE-2025-21402

Microsoft Office OneNote Remote Code Execution Vulnerability...

Affected Products : office office_long_term_servicing_channel onenote onenote_for_mac office_macos_2024 office_macos_2021
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Denial of Service
7.8

HIGH

CVE-2025-21395

Microsoft Access Remote Code Execution Vulnerability...

Affected Products : office access 365_apps office_long_term_servicing_channel access_2016 office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Authentication
6.3

MEDIUM

CVE-2025-21393

Microsoft SharePoint Server Spoofing Vulnerability...

Affected Products : sharepoint_server sharepoint_server_2016 sharepoint_server_2019
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Authentication
7.5

HIGH

CVE-2025-21389

Windows upnphost.dll Denial of Service Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Denial of Service
7.8

HIGH

CVE-2025-21382

Windows Graphics Component Elevation of Privilege Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-21378

Windows CSC Service Elevation of Privilege Vulnerability...

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Authorization
5.5

MEDIUM

CVE-2025-21374

Windows CSC Service Information Disclosure Vulnerability...

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Information Disclosure
7.8

HIGH

CVE-2025-21372

Microsoft Brokering File System Elevation of Privilege Vulnerability...

Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025
Published: Jan. 14, 2025

Modified: Jan. 17, 2025

Vuln Type: Authorization

Showing 20 of 291750 Results

1
...
1452
1453
1454
1455
1456
1457
1458
...
14588

Latest CVE Feed

7.5

6.5

7.2

7.2

9.0

7.5

8.8

8.8

8.8

8.8

7.3

6.4

7.8

7.8

6.3

7.5

7.8

7.8

5.5

7.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable