Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.5

    HIGH
    CVE-2021-34593

    In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communica...

    • EPSS Score: 1.60%
    • Published: Oct. 26, 2021
    • Modified: Aug. 15, 2025
  • 8.1

    HIGH
    CVE-2021-34595

    A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.

    • EPSS Score: 0.47%
    • Published: Oct. 26, 2021
    • Modified: Aug. 15, 2025
  • 6.5

    MEDIUM
    CVE-2021-34596

    A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.

    • EPSS Score: 0.24%
    • Published: Oct. 26, 2021
    • Modified: Aug. 15, 2025
  • 5.5

    MEDIUM
    CVE-2021-34976

    Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this...

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 15, 2025
  • 6.8

    MEDIUM
    CVE-2021-35567

    Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitabl...

    • EPSS Score: 0.16%
    • Published: Oct. 20, 2021
    • Modified: Aug. 15, 2025
  • 6.5

    MEDIUM
    CVE-2018-10951

    mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.

    • EPSS Score: 0.39%
    • Published: May. 10, 2018
    • Modified: Aug. 15, 2025
  • 6.1

    MEDIUM
    CVE-2018-6882

    Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Lo...

    Affected Products : zimbra_collaboration_suite
    • Actively Exploited
    • EPSS Score: 65.60%
    • Published: Mar. 27, 2018
    • Modified: Aug. 15, 2025
  • 10.0

    HIGH
    CVE-2018-7445

    A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before...

    Affected Products : routeros
    • Actively Exploited
    • EPSS Score: 87.80%
    • Published: Mar. 19, 2018
    • Modified: Aug. 15, 2025
  • 7.5

    HIGH
    CVE-2019-3924

    MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerabi...

    Affected Products : routeros
    • EPSS Score: 12.22%
    • Published: Feb. 20, 2019
    • Modified: Aug. 15, 2025
  • 8.8

    HIGH
    CVE-2020-15841

    Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server's password via the Test LDA...

    • EPSS Score: 0.34%
    • Published: Jul. 20, 2020
    • Modified: Aug. 15, 2025
  • 7.5

    HIGH
    CVE-2021-21000

    On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

    • EPSS Score: 0.13%
    • Published: May. 24, 2021
    • Modified: Aug. 15, 2025
  • 9.1

    CRITICAL
    CVE-2021-21001

    On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

    • EPSS Score: 0.24%
    • Published: May. 24, 2021
    • Modified: Aug. 15, 2025
  • 7.5

    HIGH
    CVE-2021-30186

    CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

    • EPSS Score: 0.45%
    • Published: May. 25, 2021
    • Modified: Aug. 15, 2025
  • 6.5

    MEDIUM
    CVE-2025-45317

    A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code via a crafted archive.

    Affected Products : hortusfox
    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Path Traversal
  • 7.5

    HIGH
    CVE-2025-50615

    A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the...

    Affected Products : wf2880_firmware wf2880
    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption
  • 7.5

    HIGH
    CVE-2025-50616

    A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the p...

    Affected Products : wf2880_firmware wf2880
    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption
  • 7.5

    HIGH
    CVE-2025-50617

    A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program t...

    Affected Products : wf2880_firmware wf2880
    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption
  • 6.1

    MEDIUM
    CVE-2025-45313

    A cross-site scripting (XSS) vulnerability in the /tasks endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the title parameter.

    Affected Products : hortusfox
    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Cross-Site Scripting
  • 9.8

    CRITICAL
    CVE-2025-8926

    A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be laun...

    • Published: Aug. 13, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Injection
  • 8.8

    HIGH
    CVE-2023-47716

    IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.

    • Published: Mar. 01, 2024
    • Modified: Aug. 15, 2025