Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.0

    HIGH
    CVE-2023-44426

    D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although auth... Read more

    Affected Products : dir-x3260_firmware dir-x3260
    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.0

    HIGH
    CVE-2023-44427

    D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although au... Read more

    Affected Products : dir-x3260_firmware dir-x3260
    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-44418

    D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required ... Read more

    Affected Products : dir-x3260_firmware dir-x3260
    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 5.5

    MEDIUM
    CVE-2025-25947

    An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file.... Read more

    Affected Products : bento4
    • Published: Feb. 19, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-25945

    An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.... Read more

    Affected Products : bento4
    • Published: Feb. 19, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Information Disclosure

  • 7.3

    HIGH
    CVE-2025-25944

    Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file.... Read more

    Affected Products : bento4
    • Published: Feb. 19, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-25943

    Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.... Read more

    Affected Products : bento4
    • Published: Feb. 19, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-25942

    An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.... Read more

    Affected Products : bento4
    • Published: Feb. 19, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Information Disclosure

  • 5.9

    MEDIUM
    CVE-2024-3753

    The Hostel WordPress plugin before 1.1.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin... Read more

    Affected Products : hostel
    • Published: Jul. 13, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37317

    D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authenti... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37318

    D-Link DAP-2622 DDP Set IPv6 Address Secondary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authen... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37319

    D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is no... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37320

    D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authenticatio... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37321

    D-Link DAP-2622 DDP Set SSID List RADIUS Secret Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentic... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37322

    D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentic... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37323

    D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is n... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37324

    D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authe... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-37326

    D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authe... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 8.8

    HIGH
    CVE-2023-41215

    D-Link DAP-2622 DDP Set Date-Time Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not r... Read more

    • Published: May. 03, 2024
    • Modified: May. 13, 2025

  • 4.6

    MEDIUM
    CVE-2024-3919

    The OpenPGP Form Encryption for WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and abov... Read more

    Affected Products : openpgp_form_encryption
    • Published: Jul. 13, 2024
    • Modified: May. 13, 2025
Showing 20 of 292247 Results