Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-30307

    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue re... Read more

    • Published: Apr. 08, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-30308

    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue re... Read more

    • Published: Apr. 08, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-30309

    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue re... Read more

    • Published: Apr. 08, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 6.7

    MEDIUM
    CVE-2024-20031

    In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS0854... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6739 +10 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.6

    MEDIUM
    CVE-2024-20028

    In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS0854... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6739 +10 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 7.9

    HIGH
    CVE-2024-20027

    In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: A... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6739 +10 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.2

    MEDIUM
    CVE-2024-20026

    In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID:... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6739 +10 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20025

    In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541686; Issue ID: ALPS085... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt8791 +32 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.0

    MEDIUM
    CVE-2024-20024

    In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6879 mt6886 mt6895 mt6985 mt6989 +8 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20023

    In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS... Read more

    Affected Products : android openwrt yocto rdk-b mt6781 mt6789 mt6835 mt6855 mt6879 mt6880 +17 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-20018

    In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR0034... Read more

    Affected Products : mt7615 software_development_kit
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 8.2

    HIGH
    CVE-2024-20005

    In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: AL... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6853t mt6855 +28 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-48356

    LyLme Spage <=1.6.0 is vulnerable to SQL Injection via /admin/group.php.... Read more

    Affected Products : lylme_spage
    • Published: Oct. 28, 2024
    • Modified: Apr. 22, 2025

  • 3.4

    LOW
    CVE-2024-20038

    In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALP... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +21 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20037

    In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495937; Issu... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +21 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20036

    In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08509508; Issue ID: ALPS085... Read more

    Affected Products : android mt6835 mt6855 mt6879 mt6886 mt6895 mt6985 mt6983 mt8798 mt8792 +1 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 5.3

    MEDIUM
    CVE-2024-48572

    A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expr... Read more

    Affected Products : aquilacms
    • Published: Oct. 29, 2024
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2024-20034

    In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue... Read more

    Affected Products : android mt6855 mt6895 mt8791t mt8797 mt6761 mt6765 mt6768 mt8321 mt8765 +10 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20033

    In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID:... Read more

    Affected Products : android mt6779 mt6785 mt6789 mt6835 mt6855 mt6879 mt6883 mt6885 mt6886 +45 more products
    • Published: Mar. 04, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-48573

    A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.... Read more

    Affected Products : aquilacms
    • Published: Oct. 29, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293620 Results