Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.7

    HIGH
    CVE-2025-64645

    IBM Concert 1.0.0 through 2.1.0 could allow a local user to escalate their privileges due to a race condition of a symbolic link.... Read more

    Affected Products : concert
    • Published: Dec. 26, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Race Condition

  • 6.5

    MEDIUM
    CVE-2025-67743

    Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service (download_service.py) makes HTTP requests using raw requests.get() without utilizing the application's SSRF ... Read more

    Affected Products : local_deep_research
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Server-Side Request Forgery

  • 5.1

    MEDIUM
    CVE-2021-47722

    Zucchetti Axess CLOKI Access Control 1.64 contains a cross-site request forgery vulnerability that allows attackers to manipulate access control settings without user interaction. Attackers can craft malicious web pages with hidden forms to disable or mod... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-33222

    NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-33224

    NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disc... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-9684

    FreyrSCADA/IEC-60870-5-104 server v21.06.008 allows remote attackers to cause a denial of service by sending specific message sequences.... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2025-33223

    NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disc... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2022-50710

    In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize tx_... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-13703

    VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security for PC. An attacker must first obtain t... Read more

    Affected Products : advanced_security
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2022-50700

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a copy complete interrupt to the host driver while still ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50701

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-14929

    Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User... Read more

    Affected Products : transformers
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-54040

    In the Linux kernel, the following vulnerability has been resolved: ice: fix wrong fallback logic for FDIR When adding a FDIR filter, if ice_vc_fdir_set_irq_ctx returns failure, the inserted fdir entry will not be removed and if ice_vc_fdir_write_fltr r... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-14926

    Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to e... Read more

    Affected Products : transformers
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-14498

    TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the ability to... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-14494

    RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-14925

    Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to explo... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-14922

    Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required t... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-14928

    Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required t... Read more

    Affected Products : transformers
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-14409

    Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Soda PDF Desktop. User interaction is required to exploit this vul... Read more

    Affected Products : soda_pdf_desktop
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4608 Results