Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-8547

    A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remote... Read more

    Affected Products : pybbs
    • Published: Aug. 05, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-9822

    SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available. ImpactAn administrator who usually does not have access to certain parameters, such as database credential... Read more

    Affected Products : mautic
    • Published: Sep. 03, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2024-0641

    A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.01
    • Published: Jan. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-4568

    In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.... Read more

    Affected Products : xpdf
    • Published: May. 06, 2024
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2024-3900

    Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText. ... Read more

    Affected Products : xpdf
    • Published: Apr. 17, 2024
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2019-20784

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipsets) software. Interaction of GPS with 911 emergency calls is mishandled. The LG ID is LVE-SMP-180012 (January 2019).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-22421

    In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privile... Read more

    Affected Products : android
    • Published: Sep. 02, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2019-20774

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 (August 2019).... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-0798

    Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. (dot dot) in the argument to the... Read more

    Affected Products : mail_solution
    • EPSS Score: %1.95
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2025-8796

    A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/delete_project/ of the component Delete Request Handler. The manipulation of the argument projectID ... Read more

    Affected Products : litmus
    • Published: Aug. 10, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2024-28246

    KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's `trust` option, specifically that provides a function to blacklist certain URL protocols, can be fooled by URLs in malicious inputs that use uppercase characters in th... Read more

    Affected Products : katex
    • Published: Mar. 25, 2024
    • Modified: Sep. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-30266

    wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at ru... Read more

    Affected Products : wasmtime
    • Published: Apr. 04, 2024
    • Modified: Sep. 02, 2025

  • 5.5

    MEDIUM
    CVE-2025-43284

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination.... Read more

    Affected Products : macos
    • Published: Aug. 29, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2019-20631

    An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service via a crafted MP4 file.... Read more

    Affected Products : gpac
    • EPSS Score: %0.31
    • Published: Mar. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-20633

    GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.... Read more

    Affected Products : patch
    • EPSS Score: %0.12
    • Published: Mar. 25, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-9801

    A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. T... Read more

    Affected Products :
    • Published: Sep. 01, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2022-43151

    timg v1.4.4 was discovered to contain a memory leak via the function timg::QueryBackgroundColor() at /timg/src/term-query.cc.... Read more

    Affected Products : timg
    • EPSS Score: %0.03
    • Published: Oct. 31, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-34502

    Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.... Read more

    Affected Products : radare2
    • EPSS Score: %0.14
    • Published: Jul. 22, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-27419

    rtl_433 21.12 was discovered to contain a stack overflow in the function acurite_00275rm_decode at /devices/acurite.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.... Read more

    Affected Products : rtl_433
    • EPSS Score: %0.29
    • Published: Apr. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-24614

    When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack aga... Read more

    • EPSS Score: %0.28
    • Published: Feb. 24, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results