Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.4

    HIGH
    CVE-2025-21587

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle Gr... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Apr. 15, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Authentication

  • 5.4

    MEDIUM
    CVE-2025-21586

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more

    Affected Products : jd_edwards_enterpriseone_tools
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authentication

  • 4.9

    MEDIUM
    CVE-2025-21585

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21584

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access ... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21583

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to ... Read more

    Affected Products : snapcenter mysql_server
    • Published: Apr. 15, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-21582

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network acces... Read more

    Affected Products : crm_technical_foundation
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-21581

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21580

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access ... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21579

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network acc... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 6.7

    MEDIUM
    CVE-2025-21578

    Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected are 12.1.0.1, 12.1.0.2, 12.1.0.3, 18.1.0.0, 18.1.0.1 and 18.1.0.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infras... Read more

    Affected Products : secure_backup
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-21577

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via mu... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2025-21576

    Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Personalization Server). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with... Read more

    Affected Products : commerce_platform
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-21575

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    Affected Products : mysql_server mysql_cluster
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-21574

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    Affected Products : mysql_server mysql_cluster
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 6.0

    MEDIUM
    CVE-2025-21573

    Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Supported versions that are affected are 5.1.0.0.0, 6.1.0.0.0 and 7.0.0.0.0. Difficult to exploit vulne... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-1656

    A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the co... Read more

    Affected Products : revit
    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-1277

    A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more

    Affected Products : revit
    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-1276

    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the ... Read more

    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-1275

    A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code i... Read more

    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-1274

    A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the ... Read more

    Affected Products : revit
    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293508 Results