Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.2

    HIGH
    CVE-2015-8397

    The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash... Read more

    Affected Products : grassroots_dicom grassroots_dicom
    • EPSS Score: %2.06
    • Published: Jan. 12, 2016
    • Modified: Aug. 21, 2025

  • 10.0

    CRITICAL
    CVE-2015-8396

    Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image... Read more

    Affected Products : grassroots_dicom grassroots_dicom
    • EPSS Score: %23.52
    • Published: Jan. 12, 2016
    • Modified: Aug. 21, 2025

  • 9.8

    CRITICAL
    CVE-2024-22391

    A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger t... Read more

    • Published: Apr. 25, 2024
    • Modified: Aug. 21, 2025

  • 9.8

    CRITICAL
    CVE-2024-22373

    An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file ... Read more

    Affected Products : fedora grassroots_dicom
    • Published: Apr. 25, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-45744

    A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated ... Read more

    Affected Products : smart_reader_firmware smart_reader
    • Published: Apr. 17, 2024
    • Modified: Aug. 21, 2025

  • 7.5

    HIGH
    CVE-2023-45209

    An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can ma... Read more

    Affected Products : smart_reader_firmware smart_reader
    • Published: Apr. 17, 2024
    • Modified: Aug. 21, 2025

  • 7.5

    HIGH
    CVE-2023-43491

    An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an... Read more

    Affected Products : smart_reader_firmware smart_reader
    • Published: Apr. 17, 2024
    • Modified: Aug. 21, 2025

  • 9.1

    CRITICAL
    CVE-2024-39359

    A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP req... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025

  • 9.8

    CRITICAL
    CVE-2023-40146

    A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with... Read more

    Affected Products : smart_reader_firmware smart_reader
    • Published: Apr. 17, 2024
    • Modified: Aug. 21, 2025

  • 9.1

    CRITICAL
    CVE-2023-39367

    An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request... Read more

    Affected Products : smart_reader_firmware smart_reader
    • Published: Apr. 17, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49913

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49912

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49911

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49910

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49909

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    Affected Products : eap225_firmware eap225
    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49908

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    Affected Products : eap225_firmware eap225
    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49907

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 8.8

    HIGH
    CVE-2023-49906

    A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remot... Read more

    Affected Products : eap225_firmware eap225
    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 9.8

    CRITICAL
    CVE-2023-49134

    A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A spec... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025

  • 9.8

    CRITICAL
    CVE-2023-49133

    A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A spec... Read more

    • Published: Apr. 09, 2024
    • Modified: Aug. 21, 2025
Showing 20 of 290954 Results