Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.4

    MEDIUM
    CVE-2025-3858

    The Formality plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated atta...

    Affected Products : formality
    • Published: May. 02, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting
  • 6.4

    MEDIUM
    CVE-2025-3748

    The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pn_chain_menu shortcode in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping on user supplied attr...

    Affected Products : taxonomy_chain_menu
    • Published: May. 02, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting
  • 6.4

    MEDIUM
    CVE-2025-3510

    The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it p...

    Affected Products : tagdiv_composer composer
    • Published: May. 02, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting
  • 8.6

    HIGH
    CVE-2025-27091

    OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due t...

    Affected Products : openh264
    • Published: Feb. 20, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption
  • 8.8

    HIGH
    CVE-2025-21176

    .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability...

    • Published: Jan. 14, 2025
    • Modified: May. 06, 2025
  • 7.3

    HIGH
    CVE-2025-21173

    .NET Elevation of Privilege Vulnerability...

    • Published: Jan. 14, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Authorization
  • 8.1

    HIGH
    CVE-2024-38229

    .NET and Visual Studio Remote Code Execution Vulnerability...

    • Published: Oct. 08, 2024
    • Modified: May. 06, 2025
  • 8.1

    HIGH
    CVE-2024-35264

    .NET and Visual Studio Remote Code Execution Vulnerability...

    Affected Products : visual_studio .net visual_studio_2022
    • Published: Jul. 09, 2024
    • Modified: May. 06, 2025
  • 6.5

    MEDIUM
    CVE-2022-42315

    Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 6.5

    MEDIUM
    CVE-2022-42314

    Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 6.5

    MEDIUM
    CVE-2022-42313

    Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 6.5

    MEDIUM
    CVE-2022-42312

    Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 6.5

    MEDIUM
    CVE-2022-42311

    Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ...

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 8.8

    HIGH
    CVE-2022-40294

    The application was identified to have a CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. ...

    Affected Products : php_point_of_sale
    • EPSS Score: %0.13
    • Published: Oct. 31, 2022
    • Modified: May. 06, 2025
  • 9.8

    CRITICAL
    CVE-2022-27586

    Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. Th...

    • EPSS Score: %2.12
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 9.8

    CRITICAL
    CVE-2022-27584

    Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. This leads to an increase in ...

    Affected Products : sim2000st_firmware sim2000st
    • EPSS Score: %1.88
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 9.8

    CRITICAL
    CVE-2022-27582

    Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invoking the password recovery mechanism method. This leads to an increase...

    • EPSS Score: %1.79
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 7.8

    HIGH
    CVE-2022-26762

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges....

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.14
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 8.8

    HIGH
    CVE-2022-26730

    A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution....

    Affected Products : macos
    • EPSS Score: %0.64
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
  • 8.8

    HIGH
    CVE-2022-26719

    A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut...

    Affected Products : macos iphone_os tvos watchos safari ipados
    • EPSS Score: %0.13
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025
Showing 20 of 291360 Results