Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-46081

    Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to v... Read more

    Affected Products : scriptcase
    • Published: Oct. 01, 2024
    • Modified: Apr. 28, 2025

  • 7.4

    HIGH
    CVE-2025-21591

    A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to ... Read more

    Affected Products : junos
    • Published: Apr. 09, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Denial of Service

  • 9.1

    CRITICAL
    CVE-2024-55516

    A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The component affected by this issue is /upload_sysconfig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading... Read more

    • Published: Dec. 17, 2024
    • Modified: Apr. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-55515

    A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_ipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded.... Read more

    • Published: Dec. 17, 2024
    • Modified: Apr. 28, 2025

  • 6.3

    MEDIUM
    CVE-2024-55514

    A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_sfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to u... Read more

    • Published: Dec. 17, 2024
    • Modified: Apr. 28, 2025

  • 9.1

    CRITICAL
    CVE-2024-55513

    A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_netaction.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading ... Read more

    • Published: Dec. 17, 2024
    • Modified: Apr. 28, 2025

  • 5.4

    MEDIUM
    CVE-2024-29507

    Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters.... Read more

    Affected Products : ghostscript
    • Published: Jul. 03, 2024
    • Modified: Apr. 28, 2025

  • 6.3

    MEDIUM
    CVE-2024-29510

    Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.... Read more

    Affected Products : ghostscript
    • Published: Jul. 03, 2024
    • Modified: Apr. 28, 2025

  • 7.2

    HIGH
    CVE-2024-39842

    A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs.... Read more

    Affected Products : centreon
    • Published: Sep. 23, 2024
    • Modified: Apr. 28, 2025

  • 7.5

    HIGH
    CVE-2024-29511

    Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /tmp/ou... Read more

    Affected Products : ghostscript
    • Published: Jul. 03, 2024
    • Modified: Apr. 28, 2025

  • 6.7

    MEDIUM
    CVE-2024-39843

    A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs.... Read more

    Affected Products : centreon
    • Published: Sep. 23, 2024
    • Modified: Apr. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-42797

    An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music playlist entries.... Read more

    Affected Products : music_management_system
    • Published: Sep. 25, 2024
    • Modified: Apr. 28, 2025

  • 7.6

    HIGH
    CVE-2024-46607

    Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file.... Read more

    Affected Products : icecms
    • Published: Sep. 25, 2024
    • Modified: Apr. 28, 2025

  • 7.8

    HIGH
    CVE-2025-27172

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : substance_3d_designer
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21169

    Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : substance_3d_designer
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27175

    InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : macos windows indesign
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27171

    InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in tha... Read more

    Affected Products : macos windows indesign
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27166

    InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : macos windows indesign
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-24453

    InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in tha... Read more

    Affected Products : macos windows indesign
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-24452

    InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : macos windows indesign
    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293435 Results