Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-43972

    An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.... Read more

    Affected Products : gobgp
    • Published: Apr. 21, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-43970

    An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).... Read more

    Affected Products : gobgp
    • Published: Apr. 21, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-12671

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12669

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the c... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12200

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12198

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12197

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-42206

    PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php.... Read more

    • EPSS Score: %0.11
    • Published: Oct. 21, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-42205

    PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.... Read more

    • EPSS Score: %0.11
    • Published: Oct. 21, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-37454

    The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interfac... Read more

    • EPSS Score: %1.80
    • Published: Oct. 21, 2022
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12194

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12193

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12192

    A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12191

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context o... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12179

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the c... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12178

    A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more

    • Published: Dec. 17, 2024
    • Modified: May. 08, 2025

  • 8.6

    HIGH
    CVE-2024-22917

    SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script.... Read more

    Affected Products : dynamic_lab_management_system
    • Published: Feb. 27, 2024
    • Modified: May. 08, 2025

  • 8.1

    HIGH
    CVE-2024-39718

    An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account.... Read more

    Affected Products : veeam_backup_\&_replication
    • Published: Sep. 07, 2024
    • Modified: May. 08, 2025

  • 4.3

    MEDIUM
    CVE-2025-47446

    Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester allows Cross Site Request Forgery. This issue affects Listamester: from n/a through 2.3.6.... Read more

    Affected Products : listamester
    • Published: May. 07, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 5.9

    MEDIUM
    CVE-2025-47449

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Meow Gallery allows Stored XSS. This issue affects Meow Gallery: from n/a through 5.2.7.... Read more

    Affected Products : meow_gallery
    • Published: May. 07, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291634 Results