Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.3

    MEDIUM
    CVE-2025-58781

    WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic.... Read more

    Affected Products :
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cryptography

  • 7.3

    HIGH
    CVE-2025-3025

    Elevation of Privileges in the cleaning feature of Gen Digital CCleaner version 6.33.11465 on Windows allows a local user to gain SYSTEM privileges via exploiting insecure file delete operations. Reported in CCleaner v. 6.33.11465. This issue affects CCle... Read more

    Affected Products :
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2022-50256

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: remove drm bridges at aggregate driver unbind time drm bridges added by meson_encoder_hdmi_init and meson_encoder_cvbs_init were not manually removed at module unload time, w... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50253

    In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50250

    In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with boot-on option. ┌───────────────────┐ ┌────────... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2022-50251

    In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50239

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: [ 9.068287] Unable to handle kernel write to read-... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50242

    In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50249

    In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease th... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-10210

    A weakness has been identified in yanyutao0402 ChanCMS up to 3.3.0. Impacted is the function Search of the file app/modules/api/service/Api.js. Executing manipulation of the argument key can lead to sql injection. The attack can be launched remotely. The ... Read more

    Affected Products : chancms
    • Published: Sep. 10, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-10211

    A security vulnerability has been detected in yanyutao0402 ChanCMS 3.3.0. The affected element is the function CollectController of the file /cms/collect/getArticle. The manipulation of the argument taskUrl leads to server-side request forgery. The attack... Read more

    Affected Products : chancms
    • Published: Sep. 10, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Server-Side Request Forgery

  • 7.8

    HIGH
    CVE-2025-9275

    Oxford Instruments Imaris Viewer IMS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interaction... Read more

    Affected Products : imaris_viewer
    • Published: Sep. 02, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-9274

    Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interacti... Read more

    Affected Products : imaris_viewer
    • Published: Sep. 02, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 6.1

    MEDIUM
    CVE-2025-9111

    The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is ... Read more

    Affected Products : wpbot
    • Published: Sep. 09, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2025-54242

    Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open... Read more

    Affected Products : macos premiere_pro windows
    • Published: Sep. 09, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.6

    HIGH
    CVE-2025-54256

    Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ... Read more

    Affected Products : macos windows dreamweaver
    • Published: Sep. 09, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 4.4

    MEDIUM
    CVE-2025-54255

    Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass. Exploitation of this issue does not require user interaction... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-54257

    Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-58795

    Missing Authorization vulnerability in Payoneer Inc. Payoneer Checkout allows Content Spoofing.This issue affects Payoneer Checkout: from n/a through 3.4.0.... Read more

    Affected Products :
    • Published: Sep. 05, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-52161

    Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products : weblication_cms
    • Published: Sep. 08, 2025
    • Modified: Sep. 12, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 4415 Results