Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-35025

    OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.... Read more

    Affected Products : otfcc
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2022-35023

    OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384.... Read more

    Affected Products : otfcc
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2022-35022

    OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.... Read more

    Affected Products : otfcc
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2022-35021

    OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693.... Read more

    Affected Products : otfcc
    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2022-30426

    There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during U... Read more

    • Published: Sep. 23, 2022
    • Modified: May. 27, 2025

  • 6.1

    MEDIUM
    CVE-2022-28977

    HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which a... Read more

    • Published: Sep. 22, 2022
    • Modified: May. 27, 2025

  • 7.1

    HIGH
    CVE-2021-41803

    HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."... Read more

    Affected Products : consul
    • Published: Sep. 23, 2022
    • Modified: May. 27, 2025

  • 3.7

    LOW
    CVE-2021-41136

    Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request throu... Read more

    Affected Products : debian_linux puma
    • Published: Oct. 12, 2021
    • Modified: May. 27, 2025

  • 6.5

    MEDIUM
    CVE-2020-26272

    The Electron framework lets users write cross-platform desktop applications using JavaScript, HTML and CSS. In versions of Electron IPC prior to 9.4.0, 10.2.0, 11.1.0, and 12.0.0-beta.9, messages sent from the main process to a subframe in the renderer pr... Read more

    Affected Products : electron
    • Published: Jan. 28, 2021
    • Modified: May. 27, 2025

  • 4.9

    MEDIUM
    CVE-2024-1310

    The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they shouldn't have access to. (e.g. private, draft and trashed products)... Read more

    Affected Products : woocommerce woocommerce
    • Published: Apr. 15, 2024
    • Modified: May. 27, 2025

  • 6.3

    MEDIUM
    CVE-2024-29461

    An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote attacker to cause a denial of service via the datapath id component.... Read more

    • Published: Apr. 12, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40486

    Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit th... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40482

    Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulne... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40483

    Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulne... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40484

    Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit th... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40485

    Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit th... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40487

    Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40488

    Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40489

    Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-31268

    Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. ... Read more

    Affected Products : apppresser
    • Published: Apr. 12, 2024
    • Modified: May. 27, 2025
Showing 20 of 293289 Results