Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2023-3205

    An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when imp... Read more

    Affected Products : gitlab
    • EPSS Score: %0.93
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2023-4647

    An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially l... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Sep. 01, 2023
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2022-4244

    A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or ... Read more

    • EPSS Score: %0.61
    • Published: Sep. 25, 2023
    • Modified: May. 05, 2025

  • 3.5

    LOW
    CVE-2023-3906

    An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.21
    • Published: Sep. 29, 2023
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2023-45871

    An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.02
    • Published: Oct. 15, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2023-45898

    The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Oct. 16, 2023
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2023-5825

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an... Read more

    Affected Products : gitlab
    • EPSS Score: %0.17
    • Published: Nov. 06, 2023
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2023-3246

    An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows an attackers to block Sidekiq job processor.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.05
    • Published: Nov. 06, 2023
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2023-3909

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of Service was possible by addi... Read more

    Affected Products : gitlab
    • EPSS Score: %0.02
    • Published: Nov. 06, 2023
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2024-0211

    DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : wireshark
    • EPSS Score: %0.02
    • Published: Jan. 03, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-21591

    An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the ... Read more

    Affected Products : junos
    • EPSS Score: %23.48
    • Published: Jan. 12, 2024
    • Modified: May. 05, 2025

  • 6.6

    MEDIUM
    CVE-2023-6955

    A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to 16.7.2. This condition allows an attacker to create a workspace in one group that is associated ... Read more

    Affected Products : gitlab
    • EPSS Score: %0.03
    • Published: Jan. 12, 2024
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-4026

    A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument adminname/mobilenumber leads t... Read more

    • Published: Apr. 28, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2023-3720

    The Upload Media By URL WordPress plugin before 1.0.8 does not have CSRF check when uploading files, which could allow attackers to make logged in admins upload files (including HTML containing JS code for users with the unfiltered_html capability) on the... Read more

    Affected Products : upload_media_by_url
    • EPSS Score: %0.10
    • Published: Aug. 30, 2023
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2022-43372

    Emlog Pro v1.7.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /admin/store.php.... Read more

    Affected Products : emlog
    • EPSS Score: %0.08
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-43109

    D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.... Read more

    Affected Products : dir-823g_firmware dir-823g
    • EPSS Score: %1.04
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-43108

    Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.... Read more

    Affected Products : ac23_firmware ac23
    • EPSS Score: %0.09
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-43105

    Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.... Read more

    Affected Products : ac23_firmware ac23
    • EPSS Score: %0.09
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-43104

    Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.... Read more

    Affected Products : ac23_firmware ac23
    • EPSS Score: %0.09
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-43103

    Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.... Read more

    Affected Products : ac23_firmware ac23
    • EPSS Score: %0.09
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025
Showing 20 of 291170 Results