Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.4

CRITICAL

CVE-2025-54298

A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered....

Affected Products :
Published: Jul. 28, 2025

Modified: Jul. 29, 2025

Vuln Type: Cross-Site Scripting
9.4

CRITICAL

CVE-2025-54299

A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered....

Affected Products :
Published: Jul. 28, 2025

Modified: Jul. 29, 2025

Vuln Type: Cross-Site Scripting
9.4

CRITICAL

CVE-2019-19108

An authentication weakness in the SNMP service in B&R Automation Runtime versions 2.96, 3.00, 3.01, 3.06 to 3.10, 4.00 to 4.63, 4.72 and above allows unauthenticated users to modify the configuration of B&R products via SNMP....

Affected Products : automation_runtime automation_studio
EPSS Score: %0.57

Published: Apr. 20, 2020

Modified: Nov. 21, 2024
9.4

CRITICAL

CVE-2025-53120

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server....

Affected Products :
Published: Aug. 25, 2025

Modified: Aug. 25, 2025

Vuln Type: Path Traversal
9.4

CRITICAL

CVE-2025-25182

Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authentication bypass to a Stroom system when configured with A...

Affected Products : stroom
Published: Feb. 12, 2025

Modified: Feb. 12, 2025

Vuln Type: Authentication
9.4

CRITICAL

CVE-2019-17638

In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ...

Affected Products : jetty
EPSS Score: %27.65

Published: Jul. 09, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2007-2386

Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet....

Affected Products : mac_os_x mac_os_x
EPSS Score: %71.93

Published: May. 24, 2007

Modified: Apr. 09, 2025
9.4

HIGH

CVE-2019-11993

A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVi...

Affected Products : simplivity_380_gen9_firmware simplivity_380_gen10_g_firmware simplivity_380_gen10_firmware simplivity_2600_gen10_firmware simplivity_omnicube_firmware simplivity_omnistack_for_dell_firmware simplivity_omnistack_for_cisco_firmware simplivity_omnistack_for_lenovo_firmware simplivity_380_gen9 simplivity_380_gen10_g +6 more products
EPSS Score: %0.50

Published: Jan. 03, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10610

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snap...

Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +100 more products
EPSS Score: %0.24

Published: Apr. 16, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10577

Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware +104 more products
EPSS Score: %0.26

Published: Mar. 05, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10579

Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

Affected Products : qca6574au_firmware sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware qcs605_firmware apq8009_firmware +84 more products
EPSS Score: %0.24

Published: Jan. 21, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10554

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con...

Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +100 more products
EPSS Score: %0.22

Published: Mar. 05, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10553

Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdrago...

Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +98 more products
EPSS Score: %0.22

Published: Mar. 05, 2020

Modified: Nov. 21, 2024
9.4

HIGH

CVE-2019-10552

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr...

Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +100 more products
EPSS Score: %0.24

Published: Mar. 05, 2020

Modified: Nov. 21, 2024
9.4

CRITICAL

CVE-2025-57761

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to exec...

Affected Products : wegia
Published: Aug. 21, 2025

Modified: Aug. 22, 2025

Vuln Type: Injection
9.4

CRITICAL

CVE-2025-24902

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_cargo.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access...

Affected Products : wegia
Published: Feb. 03, 2025

Modified: Aug. 22, 2025
9.4

CRITICAL

CVE-2025-27494

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an aut...

Affected Products : sipass_integrated_acc-ap_firmware sipass_integrated_ac5102_\(acc-g2\)_firmware sipass_integrated_acc-ap sipass_integrated_ac5102_\(acc-g2\)
Published: Mar. 11, 2025

Modified: Aug. 22, 2025

Vuln Type: Authorization
9.4

CRITICAL

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server....

Affected Products : netscaler_application_delivery_controller netscaler_gateway
Actively Exploited

EPSS Score: %94.32

Published: Oct. 10, 2023

Modified: Mar. 13, 2025
9.4

HIGH

CVE-2007-3180

Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors....

Affected Products : help_and_support_center
EPSS Score: %1.21

Published: Jun. 12, 2007

Modified: Apr. 09, 2025
9.4

HIGH

CVE-2007-2271

Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter....

Affected Products : usp_foss_distribution
EPSS Score: %6.76

Published: Apr. 25, 2007

Modified: Apr. 09, 2025

Showing 20 of 292522 Results

1
...
1766
1767
1768
1769
1770
1771
1772
...
14627

Browse by Apps

Latest CVE Feed

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

9.4

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable