Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-32877

    A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.0

    MEDIUM
    CVE-2022-32875

    A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os watchos
    • EPSS Score: %0.06
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.4

    MEDIUM
    CVE-2025-2893

    The Gutenverse – Ultimate Block Addons and Page Builder for Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's countdown Block in all versions up to, and including, 2.2.1 due to insufficient input sanitization a... Read more

    Affected Products : gutenverse
    • Published: Apr. 29, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2024-27984

    A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete specific type of files and/or cause denial of service. ... Read more

    Affected Products : avalanche
    • Published: Apr. 19, 2024
    • Modified: May. 06, 2025

  • 6.4

    MEDIUM
    CVE-2025-1458

    The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets like Dual Button, Creative Button, Image Stack and more in all versions up... Read more

    Affected Products : element_pack
    • Published: Apr. 26, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.4

    MEDIUM
    CVE-2025-2575

    The Z Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacke... Read more

    Affected Products : z_companion
    • Published: Apr. 11, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.4

    MEDIUM
    CVE-2025-2541

    The WP Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated... Read more

    Affected Products : wp_project_manager
    • Published: Apr. 11, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.4

    MEDIUM
    CVE-2024-2027

    The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its style attributes in all versions up to, and including, 4.22.7 due to insufficient input sanitization and output escaping.... Read more

    • Published: Apr. 09, 2024
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2024-29204

    A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands ... Read more

    Affected Products : avalanche
    • Published: Apr. 19, 2024
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2023-52342

    In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed... Read more

    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2023-52343

    In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2023-52344

    In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52346

    In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2023-52347

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52348

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2023-52351

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2023-52533

    In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.9

    MEDIUM
    CVE-2023-52534

    In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52535

    In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t610 t618
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2024-23658

    In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025
Showing 20 of 291401 Results