Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2025-27847

    In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authentication

  • 4.3

    MEDIUM
    CVE-2025-27846

    In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2023-43692

    An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Out-of-bound reads in strings detection utilities lead to system crashes.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2023-43687

    An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks between file verification and execution.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Race Condition

  • 6.5

    MEDIUM
    CVE-2023-43683

    An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.... Read more

    Affected Products :
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-53737

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-53735

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-53734

    Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-53732

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    Affected Products : office
    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2025-53731

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-53730

    Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-52877

    An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 0... Read more

    Affected Products : insydeh2o
    • Published: May. 15, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-52878

    An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 0... Read more

    Affected Products : insydeh2o
    • Published: May. 15, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-52879

    An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 0... Read more

    Affected Products : insydeh2o
    • Published: May. 15, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-53778

    Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-53773

    Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.... Read more

    Affected Products : visual_studio_2022
    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-3480

    MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentica... Read more

    Affected Products : pacs_server
    • Published: May. 22, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2025-53772

    Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.... Read more

    Affected Products : web_deploy web_deploy_4.0
    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-53769

    External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.... Read more

    Affected Products : windows_security_app
    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Path Traversal

  • 7.8

    HIGH
    CVE-2025-53761

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291754 Results