Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-21456

    Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.... Read more

    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 6.2

    MEDIUM
    CVE-2025-54608

    Vulnerability that allows setting screen rotation direction without permission verification in the screen management module. Impact: Successful exploitation of this vulnerability may cause device screen orientation to be arbitrarily set.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-21455

    Memory corruption while submitting blob data to kernel space though IOCTL.... Read more

    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-32006

    A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application does not expire the user session on reboot without logout. This could allow an attacker to bypass Multi-Factor Authentication.... Read more

    • Published: Sep. 10, 2024
    • Modified: Aug. 20, 2025

  • 8.1

    HIGH
    CVE-2024-38365

    btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference... Read more

    Affected Products : btcd
    • Published: Oct. 11, 2024
    • Modified: Aug. 20, 2025

  • 7.5

    HIGH
    CVE-2025-21452

    Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.... Read more

    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service

  • 7.1

    HIGH
    CVE-2025-52955

    An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash.  Wh... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 11, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-51543

    An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint.... Read more

    Affected Products :
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Authentication

  • 5.9

    MEDIUM
    CVE-2024-43382

    Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.... Read more

    Affected Products : snowflake_jdbc
    • Published: Oct. 30, 2024
    • Modified: Aug. 20, 2025

  • 7.5

    HIGH
    CVE-2024-46891

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logg... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Aug. 20, 2025

  • 6.3

    MEDIUM
    CVE-2024-46894

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to ... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Aug. 20, 2025

  • 7.5

    HIGH
    CVE-2024-54137

    liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, p... Read more

    Affected Products : liboqs
    • Published: Dec. 06, 2024
    • Modified: Aug. 20, 2025

  • 8.1

    HIGH
    CVE-2025-54655

    Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Race Condition

  • 7.7

    HIGH
    CVE-2025-54607

    Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Authentication

  • 7.3

    HIGH
    CVE-2025-54606

    Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service

  • 8.3

    HIGH
    CVE-2025-54622

    Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-54627

    Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025

  • 5.7

    MEDIUM
    CVE-2025-54618

    Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-54623

    Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-54619

    Iterator failure issue in the multi-mode input module. Impact: Successful exploitation of this vulnerability may cause iterator failures and affect availability.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291520 Results