Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-38275

    The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.... Read more

    Affected Products : moodle
    • Published: Jun. 18, 2024
    • Modified: Apr. 30, 2025

  • 4.3

    MEDIUM
    CVE-2024-4957

    The Frontend Checklist WordPress plugin through 2.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall... Read more

    Affected Products : frontend_checklist
    • Published: Jun. 26, 2024
    • Modified: Apr. 30, 2025

  • 4.8

    MEDIUM
    CVE-2024-4959

    The Frontend Checklist WordPress plugin through 2.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall... Read more

    Affected Products : frontend_checklist
    • Published: Jun. 26, 2024
    • Modified: Apr. 30, 2025

  • 5.7

    MEDIUM
    CVE-2024-2193

    A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from ... Read more

    Affected Products : xen
    • Published: Mar. 15, 2024
    • Modified: Apr. 30, 2025

  • 6.5

    MEDIUM
    CVE-2023-46842

    Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them t... Read more

    Affected Products : xen
    • Published: May. 16, 2024
    • Modified: Apr. 30, 2025

  • 8.5

    HIGH
    CVE-2025-29769

    libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally ... Read more

    Affected Products : libvips
    • Published: Apr. 07, 2025
    • Modified: Apr. 30, 2025

  • 8.8

    HIGH
    CVE-2023-5218

    Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)... Read more

    Affected Products : fedora debian_linux chrome edge_chromium
    • EPSS Score: %0.26
    • Published: Oct. 11, 2023
    • Modified: Apr. 30, 2025

  • 7.0

    HIGH
    CVE-2023-40131

    In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Oct. 27, 2023
    • Modified: Apr. 30, 2025

  • 7.0

    HIGH
    CVE-2022-33983

    DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by th... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.05
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-33982

    DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver ... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.04
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2021-40272

    OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS).... Read more

    Affected Products : monitor
    • EPSS Score: %10.85
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 5.3

    MEDIUM
    CVE-2021-38828

    Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing.... Read more

    Affected Products : xm-jpr2-lx_firmware xm-jpr2-lx
    • EPSS Score: %0.02
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 7.5

    HIGH
    CVE-2021-38827

    Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.... Read more

    Affected Products : xm-jpr2-lx_firmware xm-jpr2-lx
    • EPSS Score: %0.04
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25943

    Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : 101
    • EPSS Score: %2.95
    • Published: May. 14, 2021
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25941

    Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : deep-override
    • EPSS Score: %2.95
    • Published: May. 14, 2021
    • Modified: Apr. 30, 2025

  • 4.8

    MEDIUM
    CVE-2021-25933

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • EPSS Score: %0.34
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 8.8

    HIGH
    CVE-2021-25931

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • EPSS Score: %0.22
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 4.3

    MEDIUM
    CVE-2021-25930

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • EPSS Score: %0.15
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 4.8

    MEDIUM
    CVE-2021-25929

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • EPSS Score: %0.33
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25928

    Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : safe-obj
    • EPSS Score: %3.35
    • Published: Apr. 26, 2021
    • Modified: Apr. 30, 2025
Showing 20 of 291141 Results