Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-51609

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-51607

    Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-27333

    Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Apr. 01, 2024
    • Modified: Aug. 07, 2025

  • 8.7

    HIGH
    CVE-2025-54801

    Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes ... Read more

    Affected Products : fiber
    • Published: Aug. 06, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-51541

    A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, ... Read more

    Affected Products :
    • Published: Aug. 05, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.5

    MEDIUM
    CVE-2024-27334

    Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Apr. 02, 2024
    • Modified: Aug. 07, 2025

  • 7.5

    HIGH
    CVE-2025-44653

    In H3C GR2200 MiniGR1A0V100R016, the USERLIMIT_GLOBAL option is set to 0 in the /etc/bftpd.conf. This can cause DoS attacks when unlimited users are connected.... Read more

    Affected Products : gr2200_firmware gr2200
    • Published: Jul. 21, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-44652

    In Netgear RAX30 V1.0.10.94_3, the USERLIMIT_GLOBAL option is set to 0 in multiple bftpd-related configuration files. This can cause DoS attacks when unlimited users are connected.... Read more

    Affected Products :
    • Published: Jul. 21, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-44649

    In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchage_mode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks ... Read more

    Affected Products : tew-wlc100p_firmware tew-wlc100p
    • Published: Jul. 21, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Misconfiguration

  • 9.3

    CRITICAL
    CVE-2025-34099

    An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidial_sales_viewer.php component when password encryption is enabled (a non-default configuration). The application improperly passes th... Read more

    Affected Products :
    • Published: Jul. 10, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2013-10066

    An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw ena... Read more

    Affected Products :
    • Published: Aug. 05, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Authentication

  • 8.7

    HIGH
    CVE-2012-10032

    Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about:history page. The browser’s trusted zone improperly handles injected script content, allowing attackers to execute arbitrary JavaScript in a privileged context. T... Read more

    Affected Products :
    • Published: Aug. 05, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2025-8229

    A vulnerability classified as critical has been found in Campcodes Courier Management System 1.0. This affects an unknown part of the file /parcel_list.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack r... Read more

    Affected Products : courier_management_system
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-5510

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulner... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Nov. 22, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-5511

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulner... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Nov. 22, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-5512

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Nov. 22, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2024-5513

    Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: Nov. 22, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-42100

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit th... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 7.8

    HIGH
    CVE-2023-42127

    Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulne... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-44434

    Kofax Power PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this v... Read more

    Affected Products : kofax_power_pdf power_pdf
    • Published: May. 03, 2024
    • Modified: Aug. 07, 2025
Showing 20 of 291358 Results