Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-27341

    PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-27342

    PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to ex... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-27343

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-27340

    PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-27339

    PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-27344

    PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-39487

    PDF-XChange Editor util Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vul... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-39488

    PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vuln... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-39489

    PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-40473

    PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit th... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2023-39486

    PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this v... Read more

    • Published: May. 03, 2024
    • Modified: May. 20, 2025

  • 6.1

    MEDIUM
    CVE-2024-7211

    The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users. Note: 1E Platform's component utilizing the third-party ... Read more

    Affected Products : platform
    • Published: Aug. 01, 2024
    • Modified: May. 20, 2025

  • 9.9

    CRITICAL
    CVE-2023-5964

    The 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code... Read more

    Affected Products : platform
    • Published: Nov. 06, 2023
    • Modified: May. 20, 2025

  • 9.9

    CRITICAL
    CVE-2023-45162

    Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution.  Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q23166 for v8.4.1 apply hotfix Q23164 for v9.0.1 apply h... Read more

    Affected Products : platform
    • Published: Oct. 13, 2023
    • Modified: May. 20, 2025

  • 8.8

    HIGH
    CVE-2023-45160

    In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E... Read more

    Affected Products : client
    • Published: Oct. 05, 2023
    • Modified: May. 20, 2025

  • 8.4

    HIGH
    CVE-2023-45159

    1E Client installer can perform arbitrary file deletion on protected files.   A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startu... Read more

    Affected Products : client
    • Published: Oct. 05, 2023
    • Modified: May. 20, 2025

  • 7.8

    HIGH
    CVE-2022-29623

    An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report.... Read more

    Affected Products : connect-multiparty
    • Published: May. 16, 2022
    • Modified: May. 20, 2025

  • 7.5

    HIGH
    CVE-2025-1706

    Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.... Read more

    Affected Products : ddk
    • Published: May. 17, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-47893

    Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.... Read more

    Affected Products : ddk
    • Published: May. 17, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 5.4

    MEDIUM
    CVE-2022-42235

    A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form.... Read more

    Affected Products : student_clearance_system
    • Published: Oct. 11, 2022
    • Modified: May. 19, 2025
Showing 20 of 292818 Results