Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-27164

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-27174

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-24431

    Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Mar. 11, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Information Disclosure

  • 9.1

    CRITICAL
    CVE-2024-42024

    A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.... Read more

    Affected Products : one
    • Published: Sep. 07, 2024
    • Modified: Apr. 28, 2025

  • 5.4

    MEDIUM
    CVE-2024-56144

    librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):`/device/$DEVICE_ID/edit` -> param: display. Librenms versions u... Read more

    Affected Products : librenms
    • Published: Jan. 16, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-23198

    librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters (Replace $DEVICE_ID with your specific $DEVICE_ID value):`/device/$DEVICE_ID/edit` -> param: display. Librenms versions u... Read more

    Affected Products : librenms
    • Published: Jan. 16, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2024-28870

    Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as wel... Read more

    Affected Products : suricata
    • Published: Apr. 03, 2024
    • Modified: Apr. 28, 2025

  • 9.8

    CRITICAL
    CVE-2025-30727

    Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t... Read more

    Affected Products : e-business_suite scripting
    • Published: Apr. 15, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2024-44570

    RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 4.8

    MEDIUM
    CVE-2022-3824

    The WP Admin UI Customize WordPress plugin before 1.5.13 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is dis... Read more

    Affected Products : wp_admin_ui_customize
    • Published: Nov. 28, 2022
    • Modified: Apr. 28, 2025

  • 7.1

    HIGH
    CVE-2025-39778

    In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show() The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() ite... Read more

    Affected Products : linux_kernel
    • Published: Apr. 18, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-39755

    In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix cb7210 pcmcia Oops The pcmcia_driver struct was still only using the old .name initialization in the drv field. This led to a NULL pointer deref Oops in strcmp calle... Read more

    Affected Products : linux_kernel
    • Published: Apr. 18, 2025
    • Modified: Apr. 28, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2024-44571

    RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 8.8

    HIGH
    CVE-2024-44572

    RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 4.7

    MEDIUM
    CVE-2024-44573

    A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 8.8

    HIGH
    CVE-2024-44574

    RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 7.8

    HIGH
    CVE-2022-45422

    When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005.... Read more

    Affected Products : smart_share
    • Published: Nov. 21, 2022
    • Modified: Apr. 28, 2025

  • 8.8

    HIGH
    CVE-2022-23740

    CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this vulnerability, an attacker would need permission to create and build GitH... Read more

    Affected Products : enterprise_server
    • Published: Nov. 23, 2022
    • Modified: Apr. 28, 2025

  • 3.7

    LOW
    CVE-2024-44575

    RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025

  • 8.8

    HIGH
    CVE-2024-44577

    RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function.... Read more

    Affected Products : rely-pcie_firmware rely-pcie
    • Published: Sep. 11, 2024
    • Modified: Apr. 28, 2025
Showing 20 of 293436 Results