Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2022-36453

    A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attack... Read more

    Affected Products : micollab
    • EPSS Score: %0.24
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 9.8

    CRITICAL
    CVE-2022-36452

    A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the appli... Read more

    Affected Products : micollab
    • EPSS Score: %1.90
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 8.8

    HIGH
    CVE-2022-36451

    A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploi... Read more

    Affected Products : micollab
    • EPSS Score: %0.18
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 5.3

    MEDIUM
    CVE-2022-35739

    PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets (CSS) data ... Read more

    Affected Products : prtg_network_monitor
    • EPSS Score: %1.07
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 8.8

    HIGH
    CVE-2022-35132

    Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.... Read more

    Affected Products : usermin
    • EPSS Score: %3.39
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 7.2

    HIGH
    CVE-2022-33178

    A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch.... Read more

    Affected Products : fabric_operating_system
    • EPSS Score: %0.81
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 9.8

    CRITICAL
    CVE-2021-42553

    A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated w... Read more

    Affected Products : stm32_mw_usb_host
    • EPSS Score: %0.21
    • Published: Oct. 21, 2022
    • Modified: May. 07, 2025

  • 5.4

    MEDIUM
    CVE-2024-53255

    BoidCMS is a free and open-source flat file CMS for building simple websites and blogs, developed using PHP and uses JSON as a database. In affected versions a reflected Cross-site Scripting (XSS) vulnerability exists in the /admin?page=media endpoint in ... Read more

    Affected Products : boidcms
    • Published: Nov. 25, 2024
    • Modified: May. 07, 2025

  • 8.4

    HIGH
    CVE-2025-31175

    Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.... Read more

    Affected Products : emui harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-31174

    Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Path Traversal

  • 8.8

    HIGH
    CVE-2025-31173

    Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-58106

    Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-58107

    Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-58108

    Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-58126

    Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authorization

  • 9.1

    CRITICAL
    CVE-2024-58127

    Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authorization

  • 9.1

    CRITICAL
    CVE-2025-31170

    Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-29912

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and pr... Read more

    Affected Products : cryptolib
    • Published: Mar. 17, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-29913

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer o... Read more

    Affected Products : cryptolib
    • Published: Mar. 17, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-58125

    Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Apr. 07, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authorization
Showing 20 of 291737 Results