Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.9

    CRITICAL
    CVE-2017-16328

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-16329

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-16331

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-16333

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-16335

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-16336

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-22579

    Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.... Read more

    Affected Products : sequelize
    • EPSS Score: %0.10
    • Published: Feb. 16, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-26055

    XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability ... Read more

    Affected Products : xwiki commons
    • EPSS Score: %0.87
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-26471

    XWiki Platform is a generic wiki platform. Starting in version 11.6-rc-1, comments are supposed to be executed with the right of superadmin but in restricted mode (anything dangerous is disabled), but the async macro does not take into account the restric... Read more

    Affected Products : xwiki
    • EPSS Score: %1.74
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-26472

    XWiki Platform is a generic wiki platform. Starting in version 6.2-milestone-1, one can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with certain content. This can be done by creating a new page or even throug... Read more

    Affected Products : xwiki
    • EPSS Score: %1.42
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2025-42950

    SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Injection

  • 9.9

    CRITICAL
    CVE-2023-29518

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root ca... Read more

    Affected Products : xwiki
    • EPSS Score: %2.15
    • Published: Apr. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-29522

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestrict... Read more

    Affected Products : xwiki
    • EPSS Score: %2.83
    • Published: Apr. 19, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-30898

    A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All... Read more

    Affected Products : siveillance_video
    • EPSS Score: %1.99
    • Published: May. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2021-4360

    The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. This makes it possible for attackers to create a new administrator... Read more

    Affected Products : controlled_admin_access
    • EPSS Score: %0.13
    • Published: Jun. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-25911

    The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters.... Read more

    Affected Products : ak-em100_firmware ak-em100
    • EPSS Score: %0.69
    • Published: Jun. 11, 2023
    • Modified: Jan. 17, 2025

  • 9.9

    CRITICAL
    CVE-2023-35166

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute any wiki content with the right of the TipsPanel author by creating a tip UI extension. This has been patched in XWiki 15.1-r... Read more

    Affected Products : xwiki
    • EPSS Score: %30.22
    • Published: Jun. 20, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-34465

    XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration an... Read more

    Affected Products : xwiki
    • EPSS Score: %0.55
    • Published: Jun. 23, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-36460

    Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitra... Read more

    Affected Products : mastodon
    • EPSS Score: %34.24
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2023-32231

    An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated c... Read more

    Affected Products : printerlogic_client
    • EPSS Score: %0.46
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291401 Results