Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2023-26802

    An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request.

    • EPSS Score: 77.45%
    • Published: Mar. 26, 2023
    • Modified: May. 05, 2025
  • 9.8

    CRITICAL
    CVE-2023-26801

    LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.

    • EPSS Score: 26.73%
    • Published: Mar. 26, 2023
    • Modified: May. 05, 2025
  • 7.2

    HIGH
    CVE-2023-26609

    ABUS TVIP 20000-21150 devices allow remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.

    • EPSS Score: 36.69%
    • Published: Feb. 27, 2023
    • Modified: May. 05, 2025
  • 7.1

    HIGH
    CVE-2023-26607

    In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

    • EPSS Score: 0.06%
    • Published: Feb. 26, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-26606

    In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.

    Affected Products: linux_kernel
    • EPSS Score: 0.02%
    • Published: Feb. 26, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-26605

    In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.

    Affected Products: linux_kernel
    • EPSS Score: 0.02%
    • Published: Feb. 26, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-26544

    In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.

    Affected Products: linux_kernel
    • EPSS Score: 0.02%
    • Published: Feb. 25, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-26242

    afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow.

    Affected Products: linux_kernel
    • EPSS Score: 0.01%
    • Published: Feb. 21, 2023
    • Modified: May. 05, 2025
  • 9.8

    CRITICAL
    CVE-2023-26068

    Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).

    • EPSS Score: 75.87%
    • Published: Apr. 10, 2023
    • Modified: May. 05, 2025
  • 4.6

    MEDIUM
    CVE-2023-25012

    The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

    Affected Products: linux_kernel
    • EPSS Score: 0.03%
    • Published: Feb. 02, 2023
    • Modified: May. 05, 2025
  • 7.5

    HIGH
    CVE-2023-24678

    A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service (DoS) via a crafted Zigbee message.

    Affected Products: pearl_firmware pearl
    • EPSS Score: 0.09%
    • Published: Mar. 17, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-23559

    In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

    • EPSS Score: 0.02%
    • Published: Jan. 13, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-22995

    In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.

    Affected Products: linux_kernel
    • EPSS Score: 0.01%
    • Published: Feb. 28, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-22670

    A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-...

    • EPSS Score: 0.06%
    • Published: Apr. 15, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-22669

    Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute cod...

    • EPSS Score: 0.05%
    • Published: Apr. 15, 2023
    • Modified: May. 05, 2025
  • 9.8

    CRITICAL
    CVE-2023-20873

    In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x user...

    Affected Products: spring_boot
    • EPSS Score: 0.38%
    • Published: Apr. 20, 2023
    • Modified: May. 05, 2025
  • 6.1

    MEDIUM
    CVE-2023-1806

    The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admini...

    Affected Products: wp_inventory_manager
    • EPSS Score: 0.11%
    • Published: May. 08, 2023
    • Modified: May. 05, 2025
  • 8.8

    HIGH
    CVE-2023-1530

    Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

    Affected Products: fedora chrome edge_chromium
    • EPSS Score: 0.36%
    • Published: Mar. 21, 2023
    • Modified: May. 05, 2025
  • 6.1

    MEDIUM
    CVE-2023-1465

    The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin...

    Affected Products: wp_easypay
    • EPSS Score: 0.09%
    • Published: Aug. 16, 2023
    • Modified: May. 05, 2025
  • 7.8

    HIGH
    CVE-2023-1078

    A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to ...

    Affected Products: linux_kernel
    • EPSS Score: 0.02%
    • Published: Mar. 27, 2023
    • Modified: May. 05, 2025