Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2022-20871

    A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate priv... Read more

    • Published: Nov. 15, 2024
    • Modified: Aug. 11, 2025

  • 9.9

    CRITICAL
    CVE-2023-20036

    A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input ... Read more

    Affected Products : industrial_network_director
    • Published: Nov. 15, 2024
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-20039

    A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vu... Read more

    Affected Products : industrial_network_director
    • Published: Nov. 15, 2024
    • Modified: Aug. 11, 2025

  • 6.5

    MEDIUM
    CVE-2021-1425

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulne... Read more

    • Published: Nov. 18, 2024
    • Modified: Aug. 11, 2025

  • 8.8

    HIGH
    CVE-2023-49756

    Missing Authorization vulnerability in Themewinter Eventin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through 3.3.52.... Read more

    Affected Products : eventin
    • Published: Dec. 09, 2024
    • Modified: Aug. 11, 2025

  • 8.8

    HIGH
    CVE-2024-56213

    Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue affects Eventin: from n/a through 4.0.7.... Read more

    Affected Products : eventin
    • Published: Dec. 31, 2024
    • Modified: Aug. 11, 2025

  • 6.1

    MEDIUM
    CVE-2024-12047

    The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘custom_server’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and outp... Read more

    Affected Products : wp_compress
    • Published: Jan. 04, 2025
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2022-43651

    Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-43652

    Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnera... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2022-43653

    Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerabili... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2022-43655

    Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vuln... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.5

    HIGH
    CVE-2025-51532

    Incorrect access control in Sage DPW 2024_12_004 and earlier allows unauthorized attackers to access the built-in Database Monitor via a crafted request. The vendor has stated that the issue is fixed in 2025_06_000, released in June 2025.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 6.1

    MEDIUM
    CVE-2025-51531

    A reflected cross-site scripting (XSS) vulnerability in Sage DPW 2024_12_004 and earlier allows attackers to execute arbitrary JavaScript in the context of a victim's browser via injecting a crafted payload into the tabfields parameter at /dpw/scripts/cgi... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 7.1

    HIGH
    CVE-2024-48729

    An issue in ETSI Open-Source MANO (OSM) 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component.... Read more

    Affected Products :
    • Published: Jul. 25, 2025
    • Modified: Aug. 11, 2025

  • 6.5

    MEDIUM
    CVE-2024-27499

    Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.... Read more

    Affected Products : bagisto
    • Published: Mar. 01, 2024
    • Modified: Aug. 11, 2025

  • 6.7

    MEDIUM
    CVE-2025-54642

    Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 6.7

    MEDIUM
    CVE-2025-54641

    Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54638

    Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availability of the ad service.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54637

    Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54636

    Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025
Showing 20 of 290990 Results