Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2022-3341

    A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer derefere... Read more

    Affected Products : debian_linux ffmpeg
    • EPSS Score: %0.05
    • Published: Jan. 12, 2023
    • Modified: Aug. 07, 2025

  • 7.5

    HIGH
    CVE-2024-10455

    Reachable Assertion in BPv7 parser in µD3TN v0.14.0 allows attacker to disrupt service via malformed Extension Block... Read more

    Affected Products : ud3tn
    • Published: Oct. 28, 2024
    • Modified: Aug. 07, 2025

  • 7.5

    HIGH
    CVE-2024-31409

    Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.... Read more

    Affected Products : powerpanel
    • Published: May. 15, 2024
    • Modified: Aug. 07, 2025

  • 4.4

    MEDIUM
    CVE-2024-1040

    Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device.... Read more

    Affected Products : web-master_firmware web-master
    • EPSS Score: %0.01
    • Published: Feb. 01, 2024
    • Modified: Aug. 07, 2025

  • 9.8

    CRITICAL
    CVE-2024-1039

    Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device.... Read more

    Affected Products : web-master_firmware web-master
    • EPSS Score: %0.12
    • Published: Feb. 01, 2024
    • Modified: Aug. 07, 2025

  • 7.5

    HIGH
    CVE-2024-8185

    Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of... Read more

    Affected Products : vault openbao
    • Published: Oct. 31, 2024
    • Modified: Aug. 07, 2025

  • 6.5

    MEDIUM
    CVE-2024-20457

    A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulne... Read more

    • Published: Nov. 06, 2024
    • Modified: Aug. 07, 2025

  • 3.3

    LOW
    CVE-2021-34951

    Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exp... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 07, 2025

  • 5.4

    MEDIUM
    CVE-2024-20504

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (... Read more

    • Published: Nov. 06, 2024
    • Modified: Aug. 07, 2025

  • 6.1

    MEDIUM
    CVE-2024-20511

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cr... Read more

    Affected Products : unified_communications_manager
    • Published: Nov. 06, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-30336

    Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 5.4

    MEDIUM
    CVE-2024-20540

    A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user o... Read more

    • Published: Nov. 06, 2024
    • Modified: Aug. 07, 2025

  • 7.1

    HIGH
    CVE-2024-30335

    Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to explo... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 8.4

    HIGH
    CVE-2024-10394

    A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG.... Read more

    Affected Products : openafs
    • Published: Nov. 14, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-30337

    Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-30338

    Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-30339

    Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-26902

    Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1.... Read more

    Affected Products : brizy
    • Published: Apr. 09, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-32198

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themefusecom Brizy. This issue affects Brizy: from n/a through 2.6.14.... Read more

    Affected Products : brizy
    • Published: Apr. 10, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2024-11129

    An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. This allows attackers to perform targeted searches with sensitive keywords to get the count of issues containing the s... Read more

    Affected Products : gitlab
    • Published: Apr. 10, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291358 Results