Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-35711

    Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.3

    HIGH
    CVE-2024-39546

    A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to exe... Read more

    Affected Products : junos_os_evolved
    • Published: Jul. 11, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-35715

    Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit ... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-35716

    Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit th... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2025-2023

    Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2021

    Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2019

    Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to e... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2022

    Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2020

    Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit ... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2018

    Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2014

    Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2012

    Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit th... Read more

    Affected Products : cobalt
    • Published: Mar. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2023-39329

    A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.... Read more

    Affected Products : enterprise_linux openjpeg
    • Published: Jul. 13, 2024
    • Modified: Aug. 08, 2025

  • 4.3

    MEDIUM
    CVE-2023-39327

    A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.... Read more

    Affected Products : enterprise_linux openjpeg
    • Published: Jul. 13, 2024
    • Modified: Aug. 08, 2025

  • 9.8

    CRITICAL
    CVE-2025-8504

    A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to init... Read more

    Affected Products : kitchen_treasure
    • Published: Aug. 03, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-8496

    A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewform.php. The manipulation of the argument ID leads to sql injection. The a... Read more

    Affected Products : online_admission_system
    • Published: Aug. 03, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8495

    A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injectio... Read more

    • Published: Aug. 03, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2025-7907

    A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml of the component Druid. The manipulation leads to use of ... Read more

    Affected Products : ruoyi
    • Published: Jul. 20, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-7911

    A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-ba... Read more

    Affected Products : di-8100_firmware di-8100
    • Published: Jul. 20, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 5.4

    MEDIUM
    CVE-2025-7902

    A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possi... Read more

    Affected Products : ruoyi
    • Published: Jul. 20, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291401 Results