Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-43652

    Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnera... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2022-43653

    Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerabili... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2022-43655

    Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vuln... Read more

    Affected Products : view
    • Published: May. 07, 2024
    • Modified: Aug. 11, 2025

  • 7.5

    HIGH
    CVE-2025-51532

    Incorrect access control in Sage DPW 2024_12_004 and earlier allows unauthorized attackers to access the built-in Database Monitor via a crafted request. The vendor has stated that the issue is fixed in 2025_06_000, released in June 2025.... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 6.1

    MEDIUM
    CVE-2025-51531

    A reflected cross-site scripting (XSS) vulnerability in Sage DPW 2024_12_004 and earlier allows attackers to execute arbitrary JavaScript in the context of a victim's browser via injecting a crafted payload into the tabfields parameter at /dpw/scripts/cgi... Read more

    Affected Products :
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 7.1

    HIGH
    CVE-2024-48729

    An issue in ETSI Open-Source MANO (OSM) 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component.... Read more

    Affected Products :
    • Published: Jul. 25, 2025
    • Modified: Aug. 11, 2025

  • 6.5

    MEDIUM
    CVE-2024-27499

    Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.... Read more

    Affected Products : bagisto
    • Published: Mar. 01, 2024
    • Modified: Aug. 11, 2025

  • 6.7

    MEDIUM
    CVE-2025-54642

    Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 6.7

    MEDIUM
    CVE-2025-54641

    Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54638

    Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availability of the ad service.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54637

    Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 5.5

    MEDIUM
    CVE-2025-54636

    Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 7.5

    HIGH
    CVE-2025-54635

    Vulnerability of returning released pointers in the distributed notification service. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 8.0

    HIGH
    CVE-2025-54634

    Vulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 6.7

    MEDIUM
    CVE-2025-54633

    Out-of-bounds read vulnerability in the register configuration of the DMA module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2025
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2025-7425

    A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID ... Read more

    • Published: Jul. 10, 2025
    • Modified: Aug. 11, 2025

  • 4.3

    MEDIUM
    CVE-2023-44394

    MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit `65... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.29
    • Published: Oct. 16, 2023
    • Modified: Aug. 11, 2025

  • 7.8

    HIGH
    CVE-2024-49841

    Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.... Read more

    • Published: May. 06, 2025
    • Modified: Aug. 11, 2025

  • 8.4

    HIGH
    CVE-2023-33066

    Memory corruption in Audio while processing RT proxy port register driver.... Read more

    • Published: Mar. 04, 2024
    • Modified: Aug. 11, 2025

  • 7.5

    HIGH
    CVE-2024-53027

    Transient DOS may occur while processing the country IE.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
Showing 20 of 291002 Results