Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2016-8597

    Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets.... Read more

    Affected Products : libcsp libcsp
    • EPSS Score: %3.36
    • Published: Oct. 28, 2016
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2016-8598

    Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet.... Read more

    Affected Products : libcsp libcsp
    • EPSS Score: %3.36
    • Published: Oct. 28, 2016
    • Modified: Aug. 14, 2025

  • 6.5

    MEDIUM
    CVE-2025-51824

    libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c.... Read more

    Affected Products : libcsp libcsp
    • Published: Aug. 11, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2023-44442

    GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in tha... Read more

    Affected Products : gimp
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.5

    HIGH
    CVE-2025-8355

    In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF).... Read more

    Affected Products : freeflow_core
    • Published: Aug. 08, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: XML External Entity

  • 7.8

    HIGH
    CVE-2023-44443

    GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targ... Read more

    Affected Products : gimp
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-55346

    User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.0

    HIGH
    CVE-2025-45768

    pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for optin... Read more

    Affected Products :
    • Published: Jul. 31, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cryptography

  • 7.5

    HIGH
    CVE-2024-8176

    A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhaust... Read more

    • Published: Mar. 14, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2022-29362

    A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter.... Read more

    Affected Products : zkeacms zkeacms
    • EPSS Score: %0.18
    • Published: May. 25, 2022
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44444

    GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target mus... Read more

    Affected Products : gimp
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-52239

    An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : zkeacms
    • Published: Aug. 04, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 3.9

    LOW
    CVE-2025-44964

    A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.... Read more

    Affected Products : bluestacks
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cryptography

  • 9.8

    CRITICAL
    CVE-2025-50706

    An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-50707

    An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2023-44451

    Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit thi... Read more

    Affected Products : xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44452

    Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this ... Read more

    Affected Products : linuxmint xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-50197

    Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the abi... Read more

    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2025-2760

    GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targ... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2761

    GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the t... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291394 Results