Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2022-40443

    An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php.... Read more

    Affected Products : zzcms
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2022-35032

    OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.... Read more

    Affected Products : otfcc
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-57471

    H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute... Read more

    Affected Products : n12_firmware n12
    • Published: Jan. 14, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-57479

    H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary com... Read more

    Affected Products : n12_firmware n12
    • Published: Jan. 14, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-57482

    H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute a... Read more

    Affected Products : n12_firmware n12
    • Published: Jan. 14, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-57473

    H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary co... Read more

    Affected Products : n12_firmware n12
    • Published: Jan. 14, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-57480

    H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary comma... Read more

    Affected Products : n12_firmware n12
    • Published: Jan. 14, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-32979

    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Misconfiguration

  • 7.1

    HIGH
    CVE-2025-32981

    NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-32982

    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-32983

    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Information Disclosure

  • 6.1

    MEDIUM
    CVE-2025-32984

    NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-32985

    NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-32986

    NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.... Read more

    Affected Products : ngeniusone
    • Published: Apr. 25, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2018-2398

    Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.... Read more

    Affected Products : business_client
    • Published: Mar. 14, 2018
    • Modified: May. 27, 2025

  • 7.5

    HIGH
    CVE-2020-6228

    SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.... Read more

    Affected Products : business_client
    • Published: Apr. 14, 2020
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2020-6244

    SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker... Read more

    Affected Products : business_client
    • Published: May. 12, 2020
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2021-38150

    When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This wo... Read more

    Affected Products : business_client
    • Published: Sep. 14, 2021
    • Modified: May. 27, 2025

  • 4.3

    MEDIUM
    CVE-2021-2341

    Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Diffi... Read more

    Affected Products : fedora debian_linux jdk jre graalvm openjdk
    • Published: Jul. 21, 2021
    • Modified: May. 27, 2025

  • 4.3

    MEDIUM
    CVE-2023-50900

    Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.10.... Read more

    Affected Products : master_slider
    • Published: Jun. 19, 2024
    • Modified: May. 27, 2025
Showing 20 of 293164 Results