Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.7

    MEDIUM
    CVE-2024-20001

    In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DT... Read more

    Affected Products : android mt5583 mt5691 mt5695 mt9010 mt9011 mt9012 mt9016 mt9020 mt9021 +49 more products
    • EPSS Score: %0.03
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2024-1284

    Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora chrome edge_chromium
    • EPSS Score: %1.20
    • Published: Feb. 07, 2024
    • Modified: May. 15, 2025

  • 5.3

    MEDIUM
    CVE-2024-1110

    The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attacke... Read more

    Affected Products : podlove_podcast_publisher
    • EPSS Score: %0.15
    • Published: Feb. 07, 2024
    • Modified: May. 15, 2025

  • 4.3

    MEDIUM
    CVE-2024-0797

    The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and inc... Read more

    Affected Products : woot
    • EPSS Score: %0.13
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 7.2

    HIGH
    CVE-2024-0699

    The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4. This makes ... Read more

    Affected Products : ai_engine
    • EPSS Score: %7.12
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 8.2

    HIGH
    CVE-2024-0324

    The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update... Read more

    Affected Products : profile_builder
    • EPSS Score: %45.96
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-7077

    Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remo... Read more

    • EPSS Score: %0.75
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 7.2

    HIGH
    CVE-2023-6925

    The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authe... Read more

    • EPSS Score: %3.00
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 7.2

    HIGH
    CVE-2023-6635

    The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator... Read more

    Affected Products : editorskit
    • EPSS Score: %7.61
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 7.8

    HIGH
    CVE-2023-5643

    Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending o... Read more

    • EPSS Score: %0.15
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2023-50292

    Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was intr... Read more

    Affected Products : solr
    • EPSS Score: %45.67
    • Published: Feb. 09, 2024
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2023-50291

    Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/propertie... Read more

    Affected Products : solr
    • EPSS Score: %0.56
    • Published: Feb. 09, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-50026

    SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro) module for PrestaShop versions 5.1.1 and before, allows remote attackers to escalate privileges and obtain sensitive information via the method HsAccessoriesGrou... Read more

    Affected Products : multi_accessories_pro
    • EPSS Score: %0.31
    • Published: Feb. 09, 2024
    • Modified: May. 15, 2025

  • 7.8

    HIGH
    CVE-2023-47354

    An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent... Read more

    Affected Products : super_reboot
    • EPSS Score: %0.07
    • Published: Feb. 06, 2024
    • Modified: May. 15, 2025

  • 7.8

    HIGH
    CVE-2023-46045

    Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.... Read more

    Affected Products : graphviz
    • EPSS Score: %0.07
    • Published: Feb. 02, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-43183

    Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account.... Read more

    • EPSS Score: %0.10
    • Published: Feb. 03, 2024
    • Modified: May. 15, 2025

  • 7.8

    HIGH
    CVE-2023-42871

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-42282

    The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.... Read more

    Affected Products : ip
    • EPSS Score: %0.40
    • Published: Feb. 08, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-40266

    An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal.... Read more

    • EPSS Score: %0.32
    • Published: Feb. 08, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-40265

    An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload.... Read more

    • EPSS Score: %1.38
    • Published: Feb. 08, 2024
    • Modified: May. 15, 2025
Showing 20 of 291741 Results