Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2020-10828

    A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.... Read more

    • EPSS Score: %22.82
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10827

    A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.... Read more

    • EPSS Score: %22.82
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 10.0

    HIGH
    CVE-2020-10826

    /cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.... Read more

    • EPSS Score: %61.53
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10825

    A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2024-35386

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.... Read more

    Affected Products : mjs
    • Published: May. 21, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10824

    A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10823

    A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 10.0

    HIGH
    CVE-2019-8246

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %8.44
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8244

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8243

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8242

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.74
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8241

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2024-34244

    libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintend... Read more

    Affected Products : libmodbus
    • Published: May. 08, 2024
    • Modified: May. 05, 2025

  • 8.1

    HIGH
    CVE-2024-2441

    The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the VikBooking Hotel Booking Engine &... Read more

    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 5.9

    MEDIUM
    CVE-2024-2749

    The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control mechanism fails to properly restrict access to its settings, permitting any users that can access a menu to manipulate requests and perform unauthorized actions such ... Read more

    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-35099

    TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.... Read more

    Affected Products : lr350_firmware lr350
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2024-3940

    The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack... Read more

    Affected Products : recaptcha_jetpack
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 4.7

    MEDIUM
    CVE-2024-3941

    The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.... Read more

    Affected Products : recaptcha_jetpack
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-46145

    Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5.... Read more

    Affected Products : ultra
    • Published: May. 17, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-4323

    A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.... Read more

    Affected Products : fluent_bit
    • Published: May. 20, 2024
    • Modified: May. 05, 2025
Showing 20 of 291205 Results