Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-40432

    The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40431

    The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.09
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40412

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-40409

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.04
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2023-40400

    This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %1.68
    • Published: Sep. 27, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3954

    The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as a... Read more

    • EPSS Score: %0.13
    • Published: Aug. 21, 2023
    • Modified: May. 05, 2025

  • 5.3

    MEDIUM
    CVE-2023-3817

    Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where ... Read more

    Affected Products : openssl
    • EPSS Score: %0.19
    • Published: Jul. 31, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2023-3721

    The WP-EMail WordPress plugin before 2.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ... Read more

    Affected Products : wp-email
    • EPSS Score: %0.08
    • Published: Aug. 14, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3671

    The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users su... Read more

    • EPSS Score: %0.11
    • Published: Aug. 07, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2023-3667

    The Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for... Read more

    Affected Products : bit_assist
    • EPSS Score: %0.08
    • Published: Aug. 21, 2023
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2023-3601

    The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.... Read more

    Affected Products : simple_author_box
    • EPSS Score: %0.18
    • Published: Aug. 14, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3524

    The WPCode WordPress plugin before 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting... Read more

    Affected Products : wpcode
    • EPSS Score: %0.32
    • Published: Aug. 07, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3421

    Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.67
    • Published: Jun. 26, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3420

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %3.80
    • Published: Jun. 26, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2023-3344

    The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_htm... Read more

    • EPSS Score: %0.08
    • Published: Jul. 24, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3217

    Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %17.40
    • Published: Jun. 13, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3216

    Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %0.44
    • Published: Jun. 13, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3215

    Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %15.78
    • Published: Jun. 13, 2023
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2023-3214

    Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %1.13
    • Published: Jun. 13, 2023
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2023-3041

    The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack.... Read more

    Affected Products : automatic_conversation
    • EPSS Score: %0.11
    • Published: Jul. 17, 2023
    • Modified: May. 05, 2025
Showing 20 of 291216 Results