Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-21831

    A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.... Read more

    Affected Products : debian_linux rails active_storage
    • EPSS Score: %1.14
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-2647

    A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to sql in... Read more

    • Published: Mar. 19, 2024
    • Modified: Feb. 10, 2025

  • 9.8

    CRITICAL
    CVE-2019-7195

    This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.... Read more

    Affected Products : photo_station qts
    • Actively Exploited
    • EPSS Score: %89.01
    • Published: Dec. 05, 2019
    • Modified: Feb. 13, 2025

  • 9.8

    CRITICAL
    CVE-2021-26701

    .NET Core Remote Code Execution Vulnerability... Read more

    • EPSS Score: %1.74
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-8345

    A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The at... Read more

    Affected Products : music_gallery_site
    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-6980

    A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.... Read more

    • Published: Jul. 31, 2024
    • Modified: Feb. 07, 2025

  • 9.8

    CRITICAL
    CVE-2023-33668

    DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers.... Read more

    Affected Products : digiexam
    • EPSS Score: %0.92
    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-57098

    Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter.... Read more

    Affected Products :
    • Published: Feb. 03, 2025
    • Modified: Mar. 18, 2025

  • 9.8

    CRITICAL
    CVE-2023-28883

    In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint.... Read more

    Affected Products : cerebrate
    • EPSS Score: %0.07
    • Published: Mar. 27, 2023
    • Modified: Feb. 19, 2025

  • 9.8

    CRITICAL
    CVE-2025-4864

    A vulnerability has been found in itsourcecode Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/finished.php. The manipulation of the argument ID leads to sql injection. The attack can... Read more

    Affected Products : restaurant_management_system
    • Published: May. 18, 2025
    • Modified: May. 21, 2025

  • 9.8

    CRITICAL
    CVE-2017-13013

    The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.12
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13027

    The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.36
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-13039

    The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.60
    • Published: Sep. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2018-6485

    An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap ... Read more

    • EPSS Score: %0.66
    • Published: Feb. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2004-0772

    Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.... Read more

    Affected Products : debian_linux kerberos_5 openpkg
    • EPSS Score: %21.77
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2021-33719

    A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted ... Read more

    • EPSS Score: %0.56
    • Published: Sep. 14, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-14061

    Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.... Read more

    Affected Products : libidn2
    • EPSS Score: %0.57
    • Published: Aug. 31, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2024-22097

    A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Master Branch (ab0ee111) and 2.5.0. A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious... Read more

    Affected Products : fedora libbiosig
    • Published: Feb. 20, 2024
    • Modified: Aug. 10, 2025

  • 9.8

    CRITICAL
    CVE-2025-43232

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to bypass certain Privacy preferences.... Read more

    Affected Products : macos
    • Published: Jul. 30, 2025
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2025-31279

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.... Read more

    Affected Products : macos ipados
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025
Showing 20 of 291162 Results