Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-38119

    Foxit PDF Reader AcroForm signature Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vu... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 5.4

    MEDIUM
    CVE-2025-8785

    A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_... Read more

    Affected Products : i-educar
    • Published: Aug. 10, 2025
    • Modified: Aug. 12, 2025

  • 5.4

    MEDIUM
    CVE-2025-8784

    A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome ... Read more

    Affected Products : i-educar
    • Published: Aug. 09, 2025
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-38108

    Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2023-38107

    Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability ... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-38106

    Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 5.3

    MEDIUM
    CVE-2024-23962

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens... Read more

    • Published: Jan. 31, 2025
    • Modified: Aug. 12, 2025

  • 8.0

    HIGH
    CVE-2024-23963

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit thi... Read more

    • Published: Jan. 31, 2025
    • Modified: Aug. 12, 2025

  • 7.5

    HIGH
    CVE-2025-39584

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a through 4.0.25.... Read more

    Affected Products : eventin
    • Published: Apr. 16, 2025
    • Modified: Aug. 12, 2025

  • 8.0

    HIGH
    CVE-2025-8476

    Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerab... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 7.4

    HIGH
    CVE-2025-8475

    Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to explo... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 6.8

    MEDIUM
    CVE-2025-8474

    Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploi... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 6.6

    MEDIUM
    CVE-2025-8473

    Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulne... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 7.4

    HIGH
    CVE-2025-8472

    Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required ... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 8.0

    HIGH
    CVE-2025-8480

    Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The ... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 9.8

    CRITICAL
    CVE-2020-19695

    Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.... Read more

    Affected Products : njs njs
    • EPSS Score: %0.94
    • Published: Apr. 04, 2023
    • Modified: Aug. 12, 2025

  • 8.4

    HIGH
    CVE-2025-1951

    IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.... Read more

    • Published: Apr. 22, 2025
    • Modified: Aug. 12, 2025

  • 7.4

    HIGH
    CVE-2025-8477

    Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Alpine iLX-507 devices. User interaction is required to exploit this v... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025

  • 3.7

    LOW
    CVE-2025-25046

    IBM InfoSphere Information Server 11.7 DataStage Flow Designer  transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques.... Read more

    Affected Products : infosphere_information_server
    • Published: Apr. 23, 2025
    • Modified: Aug. 12, 2025

  • 9.8

    CRITICAL
    CVE-2020-19692

    Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.... Read more

    Affected Products : njs njs
    • EPSS Score: %0.87
    • Published: Apr. 04, 2023
    • Modified: Aug. 12, 2025
Showing 20 of 290974 Results