Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2024-52892

    IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadi... Read more

    Affected Products : jazz_for_service_management
    • Published: Feb. 06, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2025-32149

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in winkm89 teachPress allows SQL Injection. This issue affects teachPress: from n/a through 9.0.11.... Read more

    Affected Products : teachpress
    • Published: Apr. 04, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Injection

  • 6.4

    MEDIUM
    CVE-2025-2225

    The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘rael_title_tag' parameter in all versions up to, and including, 1.6.9 due to insufficient... Read more

    • Published: Apr. 15, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.3

    LOW
    CVE-2023-38115

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-38109

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-38116

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2023-38117

    Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulne... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2023-38118

    Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2023-38119

    Foxit PDF Reader AcroForm signature Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vu... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 5.4

    MEDIUM
    CVE-2025-8785

    A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_... Read more

    Affected Products : i-educar
    • Published: Aug. 10, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-8784

    A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome ... Read more

    Affected Products : i-educar
    • Published: Aug. 09, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.3

    LOW
    CVE-2023-38108

    Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 7.8

    HIGH
    CVE-2023-38107

    Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability ... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2023-38106

    Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 5.3

    MEDIUM
    CVE-2024-23962

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens... Read more

    • Published: Jan. 31, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authentication

  • 8.0

    HIGH
    CVE-2024-23963

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit thi... Read more

    • Published: Jan. 31, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-39584

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a through 4.0.25.... Read more

    Affected Products : eventin
    • Published: Apr. 16, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Path Traversal

  • 8.0

    HIGH
    CVE-2025-8476

    Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerab... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Misconfiguration

  • 7.4

    HIGH
    CVE-2025-8475

    Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to explo... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Memory Corruption

  • 6.8

    MEDIUM
    CVE-2025-8474

    Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploi... Read more

    • Published: Aug. 01, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291205 Results