Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

4.2

MEDIUM

CVE-2025-21214

Windows BitLocker Information Disclosure Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Information Disclosure
4.6

MEDIUM

CVE-2025-21213

Secure Boot Security Feature Bypass Vulnerability...

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Authentication
6.8

MEDIUM

CVE-2025-21211

Secure Boot Security Feature Bypass Vulnerability...

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Misconfiguration
4.2

MEDIUM

CVE-2025-21210

Windows BitLocker Information Disclosure Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Information Disclosure
7.5

HIGH

CVE-2025-21207

Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Denial of Service
6.1

MEDIUM

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability...

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Authorization
6.5

MEDIUM

CVE-2025-21193

Active Directory Federation Server Spoofing Vulnerability...

Affected Products : windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2025
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Authentication
4.3

MEDIUM

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-21187

Microsoft Power Automate Remote Code Execution Vulnerability...

Affected Products : power_automate_for_desktop
Published: Jan. 14, 2025

Modified: Feb. 05, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-21186

Microsoft Access Remote Code Execution Vulnerability...

Affected Products : office access 365_apps office_long_term_servicing_channel access_2016 office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025
8.8

HIGH

CVE-2025-21178

Visual Studio Remote Code Execution Vulnerability...

Affected Products : visual_studio_2017 visual_studio_2019 visual_studio visual_studio_2022
Published: Jan. 14, 2025

Modified: Jan. 27, 2025

Vuln Type: Misconfiguration
8.8

HIGH

CVE-2025-21176

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 linux_kernel .net_framework windows_server_2019 visual_studio_2017 macos visual_studio_2019 visual_studio +13 more products
Published: Jan. 14, 2025

Modified: May. 06, 2025
7.3

HIGH

CVE-2025-21173

.NET Elevation of Privilege Vulnerability...

Affected Products : linux_kernel visual_studio .net visual_studio_2022
Published: Jan. 14, 2025

Modified: May. 06, 2025

Vuln Type: Authorization
7.5

HIGH

CVE-2025-21172

.NET and Visual Studio Remote Code Execution Vulnerability...

Affected Products : linux_kernel visual_studio_2017 macos visual_studio_2019 visual_studio .net windows visual_studio_2022
Published: Jan. 14, 2025

Modified: May. 06, 2025

Vuln Type: Misconfiguration
7.5

HIGH

CVE-2025-21171

.NET Remote Code Execution Vulnerability...

Affected Products : linux_kernel macos visual_studio .net powershell windows visual_studio_2022
Published: Jan. 14, 2025

Modified: Jul. 10, 2025

Vuln Type: Authentication
7.5

HIGH

CVE-2025-0465

A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v2/categories. The manipulation of the argument PostBody.populate leads to deserialization. The attack ma...

Affected Products :
Published: Jan. 14, 2025

Modified: Jan. 14, 2025

Vuln Type: Injection
7.8

HIGH

CVE-2024-13172

Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required....

Affected Products : endpoint_manager
Published: Jan. 14, 2025

Modified: Jul. 11, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2024-13171

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required....

Affected Products : endpoint_manager
Published: Jan. 14, 2025

Modified: Jul. 11, 2025

Vuln Type: Authentication
7.5

HIGH

CVE-2024-13170

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service....

Affected Products : endpoint_manager
Published: Jan. 14, 2025

Modified: Jul. 11, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2024-13169

An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges....

Affected Products : endpoint_manager
Published: Jan. 14, 2025

Modified: Jul. 11, 2025

Vuln Type: Authorization

Showing 20 of 291722 Results

1
...
1458
1459
1460
1461
1462
1463
1464
...
14587

Latest CVE Feed

4.2

4.6

6.8

4.2

7.5

6.1

6.5

4.3

7.8

7.8

8.8

8.8

7.3

7.5

7.5

7.5

7.8

7.8

7.5

7.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable