Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2025-32728

    In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.... Read more

    Affected Products : debian_linux openssh
    • Published: Apr. 10, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Misconfiguration

  • 4.4

    MEDIUM
    CVE-2025-29989

    Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial.... Read more

    • Published: Apr. 10, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-32387

    Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has b... Read more

    Affected Products : helm
    • Published: Apr. 09, 2025
    • Modified: Sep. 03, 2025

  • 6.5

    MEDIUM
    CVE-2025-32386

    Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads this specially crafted chart, memory can be exhausted ca... Read more

    Affected Products : helm
    • Published: Apr. 09, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Denial of Service

  • 5.0

    MEDIUM
    CVE-2025-24375

    Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell ap... Read more

    Affected Products :
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure

  • 4.8

    MEDIUM
    CVE-2025-29018

    A Stored Cross-Site Scripting (XSS) vulnerability exists in the name parameter of pages_add_acc_type.php in Code Astro Internet Banking System 2.0.0.... Read more

    • Published: Apr. 09, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.7

    HIGH
    CVE-2025-30660

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a hi... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-30659

    An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device conf... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-30658

    A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX platforms with A... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Memory Corruption

  • 6.9

    MEDIUM
    CVE-2025-30657

    An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monit... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-30656

    An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Den... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Memory Corruption

  • 6.8

    MEDIUM
    CVE-2025-30655

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 6.8

    MEDIUM
    CVE-2025-30654

    An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive info... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-30653

    An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, w... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 6.8

    MEDIUM
    CVE-2025-30652

    An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asreg... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-30651

    A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-30649

    An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed pa... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 7.4

    HIGH
    CVE-2025-30648

    An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). Whe... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 7.1

    HIGH
    CVE-2025-30647

    A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management ... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service

  • 7.1

    HIGH
    CVE-2025-30646

    A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to ... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 09, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service
Showing 20 of 293412 Results