Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2023-37350

    Kofax Power PDF TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2023-51569

    Kofax Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2023-37341

    Kofax Power PDF PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2023-37342

    Kofax Power PDF PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit thi... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 4.8

    MEDIUM
    CVE-2024-20256

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This ... Read more

    • Published: May. 15, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2023-51566

    Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit t... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-51564

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.8

    MEDIUM
    CVE-2024-20361

    A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco... Read more

    • Published: May. 22, 2024
    • Modified: Aug. 07, 2025

  • 6.8

    MEDIUM
    CVE-2025-8629

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8628

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8630

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8631

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8632

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8633

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8637

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2024-5798

    Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an inv... Read more

    Affected Products : vault
    • Published: Jun. 12, 2024
    • Modified: Aug. 07, 2025

  • 6.8

    MEDIUM
    CVE-2025-8635

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8634

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8636

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8638

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection
Showing 20 of 291358 Results