Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.9

    MEDIUM
    CVE-2025-30254

    An unauthenticated attacker can obtain a serial number of a smart meter(s) using its owner's username.... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-2497

    A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more

    Affected Products : revit
    • Published: Apr. 15, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-27939

    An attacker can change registered email addresses of other users and take over arbitrary accounts.... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Authorization

  • 6.9

    MEDIUM
    CVE-2025-27938

    Unauthenticated attackers can obtain restricted information about a user's smart device collections (i.e., "rooms").... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Authentication

  • 6.9

    MEDIUM
    CVE-2025-27568

    An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request.... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Authentication

  • 6.9

    MEDIUM
    CVE-2025-24487

    An unauthenticated attacker can infer the existence of usernames in the system by querying an API.... Read more

    Affected Products :
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Information Disclosure

  • 4.9

    MEDIUM
    CVE-2025-21588

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 19, 2025
    • Vuln Type: Denial of Service

  • 7.4

    HIGH
    CVE-2025-21587

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle Gr... Read more

    Affected Products : jdk jre graalvm java_se graalvm_for_jdk
    • Published: Apr. 15, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Authentication

  • 5.4

    MEDIUM
    CVE-2025-21586

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more

    Affected Products : jd_edwards_enterpriseone_tools
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authentication

  • 4.9

    MEDIUM
    CVE-2025-21585

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21584

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access ... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21583

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to ... Read more

    Affected Products : snapcenter mysql_server
    • Published: Apr. 15, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-21582

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network acces... Read more

    Affected Products : crm_technical_foundation
    • Published: Apr. 15, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-21581

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network a... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21580

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access ... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-21579

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network acc... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 6.7

    MEDIUM
    CVE-2025-21578

    Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected are 12.1.0.1, 12.1.0.2, 12.1.0.3, 18.1.0.0, 18.1.0.1 and 18.1.0.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infras... Read more

    Affected Products : secure_backup
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-21577

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via mu... Read more

    Affected Products : mysql_server
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2025-21576

    Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Personalization Server). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with... Read more

    Affected Products : commerce_platform
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-21575

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network acces... Read more

    Affected Products : mysql_server mysql_cluster
    • Published: Apr. 15, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Denial of Service
Showing 20 of 293555 Results