Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2020-10825

    A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2024-35386

    An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.... Read more

    Affected Products : mjs
    • Published: May. 21, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10824

    A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-10823

    A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).... Read more

    • EPSS Score: %5.52
    • Published: Mar. 26, 2020
    • Modified: May. 05, 2025

  • 10.0

    HIGH
    CVE-2019-8246

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %8.44
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8244

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8243

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8242

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.74
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2019-8241

    Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : macos media_encoder windows
    • EPSS Score: %1.58
    • Published: Nov. 14, 2019
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2024-34244

    libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintend... Read more

    Affected Products : libmodbus
    • Published: May. 08, 2024
    • Modified: May. 05, 2025

  • 8.1

    HIGH
    CVE-2024-2441

    The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the VikBooking Hotel Booking Engine &... Read more

    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 5.9

    MEDIUM
    CVE-2024-2749

    The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control mechanism fails to properly restrict access to its settings, permitting any users that can access a menu to manipulate requests and perform unauthorized actions such ... Read more

    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-35099

    TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.... Read more

    Affected Products : lr350_firmware lr350
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2024-3940

    The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack... Read more

    Affected Products : recaptcha_jetpack
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 4.7

    MEDIUM
    CVE-2024-3941

    The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.... Read more

    Affected Products : recaptcha_jetpack
    • Published: May. 14, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-46145

    Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5.... Read more

    Affected Products : ultra
    • Published: May. 17, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-4323

    A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.... Read more

    Affected Products : fluent_bit
    • Published: May. 20, 2024
    • Modified: May. 05, 2025

  • 5.3

    MEDIUM
    CVE-2023-32871

    In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ... Read more

    Affected Products : android openwrt yocto rdk-b mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 +53 more products
    • Published: May. 06, 2024
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4763

    Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.35
    • Published: Sep. 05, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-4369

    Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security sever... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %0.06
    • Published: Aug. 15, 2023
    • Modified: May. 05, 2025
Showing 20 of 291209 Results