Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2023-32871

    In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ... Read more

    Affected Products : android openwrt yocto rdk-b mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 +53 more products
    • Published: May. 06, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4763

    Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.35
    • Published: Sep. 05, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4369

    Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security sever... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %0.06
    • Published: Aug. 15, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4355

    Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %36.84
    • Published: Aug. 15, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4354

    Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %1.76
    • Published: Aug. 15, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4352

    Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %1.70
    • Published: Aug. 15, 2023
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2023-4023

    The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger.... Read more

    Affected Products : all_users_messenger
    • EPSS Score: %0.19
    • Published: Aug. 30, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-41071

    A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40432

    The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40431

    The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.09
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40412

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40409

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2023-40400

    This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %1.68
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3954

    The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as a... Read more

    • EPSS Score: %0.13
    • Published: Aug. 21, 2023
    • Modified: May. 05, 2025

  • 5.3

    MEDIUM
    CVE-2023-3817

    Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where ... Read more

    Affected Products : openssl
    • EPSS Score: %0.19
    • Published: Jul. 31, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2023-3721

    The WP-EMail WordPress plugin before 2.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ... Read more

    Affected Products : wp-email
    • EPSS Score: %0.08
    • Published: Aug. 14, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3671

    The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users su... Read more

    • EPSS Score: %0.11
    • Published: Aug. 07, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2023-3667

    The Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for... Read more

    Affected Products : bit_assist
    • EPSS Score: %0.08
    • Published: Aug. 21, 2023
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2023-3601

    The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.... Read more

    Affected Products : simple_author_box
    • EPSS Score: %0.18
    • Published: Aug. 14, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3524

    The WPCode WordPress plugin before 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting... Read more

    Affected Products : wpcode
    • EPSS Score: %0.32
    • Published: Aug. 07, 2023
    • Modified: May. 05, 2025
Showing 20 of 291205 Results