Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-8738

    A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information dis... Read more

    Affected Products : microservices-platform
    • Published: Aug. 08, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2024-2877

    Vault Enterprise, when configured with performance standby nodes and a configured audit device, will inadvertently log request headers on the standby node. These logs may have included sensitive HTTP request information in cleartext. This vulnerability, ... Read more

    Affected Products : vault
    • Published: Apr. 30, 2024
    • Modified: Aug. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-49351

    IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user.... Read more

    • Published: Nov. 26, 2024
    • Modified: Aug. 08, 2025

  • 5.5

    MEDIUM
    CVE-2023-37359

    Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-37356

    Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-5512

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Nov. 22, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2025-8546

    A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the ... Read more

    Affected Products : pybbs
    • Published: Aug. 05, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2024-1978

    The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discover_available_feeds function. This makes it possible for authenticated attackers, with administrator-level access and ab... Read more

    Affected Products : friends
    • Published: Feb. 29, 2024
    • Modified: Aug. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-20324

    A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit... Read more

    Affected Products : ios_xe
    • Published: Mar. 27, 2024
    • Modified: Jul. 30, 2025

  • 5.5

    MEDIUM
    CVE-2024-32926

    there is a possible information disclosure due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jun. 13, 2024
    • Modified: Jul. 22, 2025

  • 5.5

    MEDIUM
    CVE-2024-47015

    In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction ... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 5.5

    MEDIUM
    CVE-2025-7233

    IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of IrfanView CADImage Plugin. User interaction is re... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-48188

    libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read.... Read more

    Affected Products : pspp
    • Published: May. 16, 2025
    • Modified: Jul. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-20870

    Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.... Read more

    Affected Products : galaxy_store
    • Published: May. 07, 2024
    • Modified: Jul. 17, 2025

  • 5.5

    MEDIUM
    CVE-2025-20951

    Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.... Read more

    Affected Products : galaxy_store
    • Published: Apr. 08, 2025
    • Modified: Jul. 17, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-20869

    Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.... Read more

    Affected Products : internet
    • Published: May. 07, 2024
    • Modified: Jul. 17, 2025

  • 5.5

    MEDIUM
    CVE-2023-52728

    Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString.... Read more

    Affected Products : onos-lib-go
    • Published: Apr. 30, 2024
    • Modified: Jul. 14, 2025

  • 5.5

    MEDIUM
    CVE-2025-7450

    A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function ResetUserAvatar of the file controller/api/v1/user.go of the component API. The manipulation of the argument filename leads to path ... Read more

    Affected Products :
    • Published: Jul. 11, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2023-40473

    PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit th... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-33884

    In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 294836 Results