Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2010-4596

    Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request....

    Affected Products : helix_server helix_mobile_server
    • Published: Apr. 04, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2021-42631

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution....

    • Published: Jan. 31, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2020-4467

    IBM i2 Intelligent Analysis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability t...

    Affected Products : windows i2_analysts_notebook
    • Published: May. 14, 2020
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-2487

    libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access,...

    Affected Products : android
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    CRITICAL
    CVE-2023-0104

    The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data. ...

    Affected Products : easybuilder_pro
    • Published: Feb. 22, 2023
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-20580

    The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file....

    Affected Products : readyapi
    • Published: May. 03, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2023-51434

    Some Honor products are affected by a buffer overflow vulnerability; successful exploitation could cause code execution. ...

    Affected Products : magic_ui
    • Published: Dec. 29, 2023
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-8935

    The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW....

    • Published: Mar. 22, 2018
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2020-17107

    HEVC Video Extensions Remote Code Execution Vulnerability...

    Affected Products : hevc_video_extensions
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2024-2422

    LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands....

    Affected Products :
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2024-6424

    External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint "/api/Proxy/Post?userName=&password=&uri=<FILE|INTERNAL URL|IP/HOST" or "/api/Proxy/Get?userName=&passw...

    Affected Products : mesbook
    • Published: Jul. 01, 2024
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2025-49853

    ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries....

    Affected Products : control_id_idsecure
    • Published: Jun. 24, 2025
    • Modified: Jul. 02, 2025
    • Vuln Type: Injection
  • 9.3

    CRITICAL
    CVE-2024-55977

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in launch-page-importer LaunchPage.app Importer allows SQL Injection. This issue affects LaunchPage.app Importer: from n/a through 1.1....

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024
  • 9.3

    HIGH
    CVE-2009-2875

    Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a d...

    Affected Products : webex
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2009-2963

    Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website."...

    Affected Products : toolbar_uninstaller
    • Published: Aug. 25, 2009
    • Modified: Apr. 09, 2025
  • 9.3

    CRITICAL
    CVE-2025-3022

    OS command injection vulnerability in e-solutions e-management. This vulnerability allows an attacker to execute arbitrary commands on the server via the ‘client’ parameter in the /data/apache/e-management/api/api3.php endpoint....

    Affected Products :
    • Published: Mar. 31, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Injection
  • 9.3

    HIGH
    CVE-2008-0805

    Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in sy...

    Affected Products : medias_phpizabi
    • Published: Feb. 19, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    CRITICAL
    CVE-2024-11263

    When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols....

    Affected Products : zephyr
    • Published: Nov. 15, 2024
    • Modified: Feb. 03, 2025
  • 9.3

    HIGH
    CVE-2021-0967

    In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.P...

    Affected Products : android
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-0599

    Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory....

    Affected Products : windows
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results