Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2023-6165

    The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed... Read more

    • Published: Jan. 29, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-51982

    CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to... Read more

    Affected Products : cratedb
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 8.2

    HIGH
    CVE-2023-51843

    react-dashboard 1.4.0 is vulnerable to Cross Site Scripting (XSS) as httpOnly is not set.... Read more

    Affected Products : react_dashboard
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-51837

    Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.... Read more

    Affected Products : meshcentral
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2023-42706

    In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2023-42698

    In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2023-42685

    In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2023-42681

    In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2023-37518

    HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker could inject arbitrary code and execute within the context of the running user. ... Read more

    Affected Products : bigfix_servicenow_data_flow
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 5.4

    MEDIUM
    CVE-2023-36259

    Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.... Read more

    Affected Products : craft_cms
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-24049

    An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management.... Read more

    Affected Products : ac21000_g6_firmware ac21000_g6
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35068

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35067

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35066

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35065

    OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35064

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35063

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35062

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35061

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e412a.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32911

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Sep. 20, 2022
    • Modified: May. 29, 2025
Showing 20 of 292811 Results