Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-34299

    Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to ex... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.0

    HIGH
    CVE-2025-5222

    A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.... Read more

    • Published: May. 27, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-0913

    os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a syml... Read more

    Affected Products : go windows
    • Published: Jun. 11, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2023-34303

    Ashlar-Vellum Cobalt Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 8.8

    HIGH
    CVE-2024-6249

    Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not req... Read more

    Affected Products : cam_v3_firmware cam_v3
    • Published: Nov. 22, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-32179

    VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to e... Read more

    Affected Products : antivirus antivirus_plus
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-32178

    VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to ... Read more

    Affected Products : antivirus antivirus_plus
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-32177

    VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the abil... Read more

    Affected Products : antivirus antivirus_plus
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-32176

    VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the abil... Read more

    Affected Products : antivirus antivirus_plus
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2023-32175

    VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-priv... Read more

    Affected Products : antivirus antivirus_plus
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-49351

    IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user.... Read more

    • Published: Nov. 26, 2024
    • Modified: Aug. 08, 2025

  • 9.1

    CRITICAL
    CVE-2023-32174

    Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to... Read more

    Affected Products : uagateway
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 5.8

    MEDIUM
    CVE-2023-32173

    Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required ... Read more

    Affected Products : uagateway
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 6.5

    MEDIUM
    CVE-2023-32172

    Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is requ... Read more

    Affected Products : uagateway
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 6.5

    MEDIUM
    CVE-2023-32171

    Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authenticati... Read more

    Affected Products : uagateway
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 6.5

    MEDIUM
    CVE-2023-32170

    Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User intera... Read more

    Affected Products : uagateway
    • Published: May. 03, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-30343

    Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability ... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-30342

    Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability ... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2024-30340

    Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 9.8

    CRITICAL
    CVE-2024-1863

    Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnera... Read more

    Affected Products : sante_pacs_server
    • Published: Apr. 01, 2024
    • Modified: Aug. 08, 2025
Showing 20 of 291401 Results