Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-44444

    GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target mus... Read more

    Affected Products : gimp
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-52239

    An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : zkeacms
    • Published: Aug. 04, 2025
    • Modified: Aug. 14, 2025

  • 3.9

    LOW
    CVE-2025-44964

    A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.... Read more

    Affected Products : bluestacks
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-50706

    An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-50707

    An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44451

    Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit thi... Read more

    Affected Products : xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44452

    Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this ... Read more

    Affected Products : linuxmint xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-50197

    Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the abi... Read more

    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2025-2760

    GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targ... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2025-2761

    GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the t... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025

  • 8.0

    HIGH
    CVE-2025-5747

    WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. A... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025

  • 8.0

    HIGH
    CVE-2025-5748

    WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authenticatio... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025

  • 8.8

    HIGH
    CVE-2025-5749

    WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authe... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-50235

    Hancom Office Show PPT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Show. User interaction is required to expl... Read more

    Affected Products : office_word office_show
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 8.8

    HIGH
    CVE-2025-5750

    WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV ... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025

  • 6.8

    MEDIUM
    CVE-2025-5751

    WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication ... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025

  • 6.5

    MEDIUM
    CVE-2024-45077

    IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is insta... Read more

    Affected Products : maximo_asset_management
    • Published: Jan. 24, 2025
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-8047

    The disable-right-click-powered-by-pixterme through v1.2 and pixter-image-digital-license thtough v1.0 WordPress plugins load a JavaScript file which has been compromised from an apparent abandoned S3 bucket. It can be used as a backdoor by those who cont... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025

  • 6.1

    MEDIUM
    CVE-2025-8046

    The Injection Guard WordPress plugin before 1.2.8 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025

  • 5.1

    MEDIUM
    CVE-2025-7761

    Lepszy BIP is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in index.php form in one of the parameters allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened. The vendor was con... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025
Showing 20 of 290978 Results