Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-22647

    An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with vali... Read more

    Affected Products : seo_panel
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 7.2

    HIGH
    CVE-2024-1069

    The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administ... Read more

    • Published: Jan. 31, 2024
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2024-1060

    Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora chrome edge_chromium
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 4.8

    MEDIUM
    CVE-2023-6165

    The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed... Read more

    • Published: Jan. 29, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-51982

    CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to... Read more

    Affected Products : cratedb
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 8.2

    HIGH
    CVE-2023-51843

    react-dashboard 1.4.0 is vulnerable to Cross Site Scripting (XSS) as httpOnly is not set.... Read more

    Affected Products : react_dashboard
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-51837

    Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.... Read more

    Affected Products : meshcentral
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2023-42706

    In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2023-42698

    In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2023-42685

    In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2023-42681

    In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2023-37518

    HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker could inject arbitrary code and execute within the context of the running user. ... Read more

    Affected Products : bigfix_servicenow_data_flow
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 5.4

    MEDIUM
    CVE-2023-36259

    Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.... Read more

    Affected Products : craft_cms
    • Published: Jan. 30, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-24049

    An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management.... Read more

    Affected Products : ac21000_g6_firmware ac21000_g6
    • Published: Dec. 04, 2023
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35068

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35067

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35066

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35065

    OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35064

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2022-35063

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8.... Read more

    Affected Products : otfcc
    • Published: Sep. 19, 2022
    • Modified: May. 29, 2025
Showing 20 of 293499 Results