Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-3209

    A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. T... Read more

    Affected Products : fedora upx upx
    • Published: Apr. 02, 2024
    • Modified: Apr. 25, 2025

  • 9.8

    CRITICAL
    CVE-2013-4211

    A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code... Read more

    Affected Products : openx
    • EPSS Score: %88.60
    • Published: Feb. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-3941

    Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a ... Read more

    Affected Products : xnview
    • EPSS Score: %5.32
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-3493

    XnView 2.03 has an integer overflow vulnerability... Read more

    Affected Products : xnview
    • EPSS Score: %0.41
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-27810

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipad_os ipados
    • Published: May. 14, 2024
    • Modified: Dec. 12, 2024

  • 9.8

    CRITICAL
    CVE-2022-32203

    There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabili... Read more

    Affected Products : cv81-wdm_firmware cv81-wdm
    • Published: Dec. 20, 2024
    • Modified: Jan. 10, 2025

  • 9.8

    CRITICAL
    CVE-2013-2166

    python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass... Read more

    • EPSS Score: %0.09
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2010

    WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability... Read more

    Affected Products : w3_total_cache wp_super_cache
    • EPSS Score: %83.16
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1666

    Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.... Read more

    Affected Products : foswiki
    • EPSS Score: %4.13
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-22258

    The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.... Read more

    Affected Products : emui harmonyos magic_ui
    • EPSS Score: %0.34
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6712

    In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.78
    • Published: Jul. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2012-6652

    Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress (wppageflip) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pageflipbook_language parameter.... Read more

    Affected Products : page_flip_book
    • EPSS Score: %2.26
    • Published: May. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-12953

    A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected by this issue is some unknown functionality of the file /update_pd_process.php. The manipulation of the argument profile leads... Read more

    Affected Products : portfolio_management_system_mca
    • Published: Dec. 26, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2012-5357

    Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.... Read more

    Affected Products : ektron_content_management_system
    • EPSS Score: %82.60
    • Published: Oct. 30, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2024-3465

    A vulnerability was found in SourceCodester Laundry Management System 1.0. It has been classified as critical. Affected is the function laporan_filter of the file /application/controller/Transaki.php. The manipulation of the argument dari/sampai leads to ... Read more

    Affected Products : laundry_shop_management_system
    • Published: Apr. 08, 2024
    • Modified: Jan. 17, 2025

  • 9.8

    CRITICAL
    CVE-2012-5190

    Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability... Read more

    Affected Products : prizm_content_connect
    • EPSS Score: %10.75
    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-2615

    Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124.... Read more

    Affected Products : firefox
    • Published: Mar. 19, 2024
    • Modified: Mar. 14, 2025

  • 9.8

    CRITICAL
    CVE-2024-24577

    libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be... Read more

    Affected Products : libgit2
    • EPSS Score: %0.31
    • Published: Feb. 06, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-23286

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. Proc... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Mar. 08, 2024
    • Modified: Dec. 09, 2024

  • 9.8

    CRITICAL
    CVE-2012-3807

    Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.... Read more

    Affected Products : kies
    • EPSS Score: %34.86
    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291617 Results