Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-51552

    Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulner... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2023-51553

    Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2023-51554

    Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulner... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2023-51555

    Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerab... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 7.8

    HIGH
    CVE-2023-51556

    Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerabilit... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 7.8

    HIGH
    CVE-2025-5601

    Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : wireshark
    • Published: Jun. 04, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service

  • 10.0

    HIGH
    CVE-2021-35394

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerabil... Read more

    • Actively Exploited
    • EPSS Score: %94.34
    • Published: Aug. 16, 2021
    • Modified: Aug. 13, 2025

  • 7.8

    HIGH
    CVE-2021-35392

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer o... Read more

    • EPSS Score: %71.78
    • Published: Aug. 16, 2021
    • Modified: Aug. 13, 2025

  • 10.0

    HIGH
    CVE-2021-35393

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer ... Read more

    • EPSS Score: %11.74
    • Published: Aug. 16, 2021
    • Modified: Aug. 13, 2025

  • 10.0

    HIGH
    CVE-2021-35395

    Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based... Read more

    • Actively Exploited
    • EPSS Score: %93.66
    • Published: Aug. 16, 2021
    • Modified: Aug. 13, 2025

  • 9.8

    CRITICAL
    CVE-2025-8809

    A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /addelidetails.php. The manipulation of the argument del leads to sql injection. It is possible to launch the att... Read more

    Affected Products : online_medicine_guide
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-8797

    A vulnerability was found in LitmusChaos Litmus up to 3.19.0 and classified as critical. This issue affects some unknown processing of the component LocalStorage Handler. The manipulation leads to permission issues. The attack may be initiated remotely. T... Read more

    Affected Products :
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-8796

    A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/delete_project/ of the component Delete Request Handler. The manipulation of the argument projectID ... Read more

    Affected Products :
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-8792

    A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The expl... Read more

    Affected Products :
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-8791

    A vulnerability was found in LitmusChaos Litmus up to 3.19.0. It has been rated as critical. This issue affects some unknown processing of the file /auth/list_projects. The manipulation of the argument role leads to improper authorization. The attack may ... Read more

    Affected Products :
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-8790

    A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been declared as critical. This vulnerability affects unknown code of the file /module/Api/pessoa of the component API Endpoint. The manipulation of the argument ID leads to improper aut... Read more

    Affected Products : i-educar
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-8789

    A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible ... Read more

    Affected Products : i-educar
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 5.1

    MEDIUM
    CVE-2025-8788

    A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulati... Read more

    Affected Products :
    • Published: Aug. 10, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2017-3248

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated ... Read more

    Affected Products : weblogic_server
    • EPSS Score: %91.62
    • Published: Jan. 27, 2017
    • Modified: Aug. 13, 2025

  • 6.1

    MEDIUM
    CVE-2025-30084

    A stored XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 for Joomla was discovered. The issue occurs within the dashboard component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject mal... Read more

    Affected Products : rsmail\!
    • Published: Jun. 05, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291305 Results