Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-51564

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.8

    MEDIUM
    CVE-2024-20361

    A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco... Read more

    • Published: May. 22, 2024
    • Modified: Aug. 07, 2025

  • 6.8

    MEDIUM
    CVE-2025-8629

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8628

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8630

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8631

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8632

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8633

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8637

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2024-5798

    Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an inv... Read more

    Affected Products : vault
    • Published: Jun. 12, 2024
    • Modified: Aug. 07, 2025

  • 6.8

    MEDIUM
    CVE-2025-8635

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8634

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8636

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8638

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8639

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The spe... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8640

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2023-51563

    Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-8653

    Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required t... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Memory Corruption

  • 6.8

    MEDIUM
    CVE-2025-8641

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2025-8642

    Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulner... Read more

    Affected Products : dmx958xr_firmware dmx958xr
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection
Showing 20 of 291367 Results