Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.0

    HIGH
    CVE-2023-40131

    In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Oct. 27, 2023
    • Modified: Apr. 30, 2025

  • 7.0

    HIGH
    CVE-2022-33983

    DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by th... Read more

    Affected Products : kernel kernel
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-33982

    DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver ... Read more

    Affected Products : kernel kernel
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2021-40272

    OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS).... Read more

    Affected Products : monitor
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 5.3

    MEDIUM
    CVE-2021-38828

    Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing.... Read more

    Affected Products : xm-jpr2-lx_firmware xm-jpr2-lx
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 7.5

    HIGH
    CVE-2021-38827

    Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.... Read more

    Affected Products : xm-jpr2-lx_firmware xm-jpr2-lx
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25943

    Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : 101
    • Published: May. 14, 2021
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25941

    Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : deep-override
    • Published: May. 14, 2021
    • Modified: Apr. 30, 2025

  • 4.8

    MEDIUM
    CVE-2021-25933

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 8.8

    HIGH
    CVE-2021-25931

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 4.3

    MEDIUM
    CVE-2021-25930

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 4.8

    MEDIUM
    CVE-2021-25929

    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerab... Read more

    Affected Products : opennms horizon meridian
    • Published: May. 20, 2021
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25928

    Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : safe-obj
    • Published: Apr. 26, 2021
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2021-25927

    Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.... Read more

    Affected Products : safe-flat
    • Published: Apr. 26, 2021
    • Modified: Apr. 30, 2025

  • 6.5

    MEDIUM
    CVE-2021-37499

    CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.... Read more

    Affected Products : reprise_license_manager
    • Published: Jan. 20, 2023
    • Modified: Apr. 30, 2025

  • 6.5

    MEDIUM
    CVE-2021-37498

    An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function.... Read more

    Affected Products : reprise_license_manager
    • Published: Jan. 20, 2023
    • Modified: Apr. 30, 2025

  • 9.0

    HIGH
    CVE-2021-44153

    An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit thi... Read more

    Affected Products : reprise_license_manager
    • Published: Dec. 13, 2021
    • Modified: Apr. 30, 2025

  • 8.5

    HIGH
    CVE-2018-5716

    An issue was discovered in Reprise License Manager 11.0. This vulnerability is a Path Traversal where the attacker, by changing a field in the Web Request, can have access to files on the File System of the Server. By specifying a pathname in the POST par... Read more

    Affected Products : reprise_license_manager
    • Published: Feb. 21, 2018
    • Modified: Apr. 30, 2025

  • 9.3

    HIGH
    CVE-2018-15573

    An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata para... Read more

    Affected Products : reprise_license_manager
    • Published: Aug. 20, 2018
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2018-15574

    An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a... Read more

    Affected Products : reprise_license_manager
    • Published: Aug. 20, 2018
    • Modified: Apr. 30, 2025
Showing 20 of 292778 Results