Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2024-23452

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description： The http_parser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: I...

Affected Products : brpc
Published: Feb. 08, 2024

Modified: Jun. 04, 2025
7.5

HIGH

CVE-2024-23304

Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations....

Affected Products : kunai
Published: Feb. 06, 2024

Modified: Jun. 04, 2025
5.5

MEDIUM

CVE-2024-23301

Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root....

Affected Products : enterprise_linux fedora linux_enterprise relax-and-recover
Published: Jan. 12, 2024

Modified: Jun. 04, 2025
6.2

MEDIUM

CVE-2024-23223

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data....

Affected Products : macos iphone_os tvos watchos ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
6.2

MEDIUM

CVE-2024-23219

The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled....

Affected Products : iphone_os ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
9.1

CRITICAL

CVE-2024-50306

Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fi...

Affected Products : traffic_server
Published: Nov. 14, 2024

Modified: Jun. 04, 2025
5.9

MEDIUM

CVE-2024-23218

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA...

Affected Products : macos iphone_os tvos watchos ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
3.3

LOW

CVE-2024-23210

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a user's phone number in system logs....

Affected Products : macos iphone_os tvos watchos ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
7.8

HIGH

CVE-2024-23208

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges....

Affected Products : macos iphone_os tvos watchos ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
5.5

MEDIUM

CVE-2024-23207

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data....

Affected Products : macos iphone_os watchos ipados
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
8.8

HIGH

CVE-2024-23180

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2....

Affected Products : a-blog_cms
Published: Jan. 23, 2024

Modified: Jun. 04, 2025
5.4

MEDIUM

CVE-2024-23172

An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog....

Affected Products : mediawiki
Published: Jan. 12, 2024

Modified: Jun. 04, 2025
6.1

MEDIUM

CVE-2024-23031

Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL....

Affected Products : eyoucms
Published: Feb. 01, 2024

Modified: Jun. 04, 2025
5.4

MEDIUM

CVE-2022-37137

PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially crafted payload to gain Stored XSS. The XSS then will pr...

Affected Products : paymoney
Published: Sep. 14, 2022

Modified: Jun. 04, 2025
7.8

HIGH

CVE-2022-34707

Windows Kernel Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025
7.8

HIGH

CVE-2022-34706

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025
7.8

HIGH

CVE-2022-34705

Windows Defender Credential Guard Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +2 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025
7.8

HIGH

CVE-2022-34703

Windows Partition Management Driver Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 +4 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025
8.1

HIGH

CVE-2022-34702

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025
7.5

HIGH

CVE-2022-34701

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products
Published: Aug. 09, 2022

Modified: Jun. 04, 2025

Showing 20 of 292782 Results

1
...
1019
1020
1021
1022
1023
1024
1025
...
14640

Browse by Apps

Latest CVE Feed

7.5

7.5

5.5

6.2

6.2

9.1

5.9

3.3

7.8

5.5

8.8

5.4

6.1

5.4

7.8

7.8

7.8

7.8

8.1

7.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable