Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2025-8138

    A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of th... Read more

    Affected Products : a702r_firmware a702r
    • Published: Jul. 25, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-8137

    A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the ... Read more

    Affected Products : a702r_firmware a702r
    • Published: Jul. 25, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-8140

    A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formWlanMultipleAP of the component HTTP POST Request Handler. The manipulation of the argument... Read more

    Affected Products : a702r_firmware a702r
    • Published: Jul. 25, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 4.6

    MEDIUM
    CVE-2024-29980

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Ma... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jul. 28, 2025

  • 4.6

    MEDIUM
    CVE-2024-29979

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Ma... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jul. 28, 2025

  • 7.5

    HIGH
    CVE-2024-1598

    Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567.... Read more

    • Published: May. 14, 2024
    • Modified: Jul. 28, 2025

  • 3.3

    LOW
    CVE-2024-12533

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.This issue affects SecureCore Technology 4: from 4.0.1.0 before 4.0.1.1018, from 4.1.0.1 before 4.1.0.573, from 4.2.0.1 be... Read more

    Affected Products :
    • Published: May. 13, 2025
    • Modified: Jul. 28, 2025

  • 7.5

    HIGH
    CVE-2024-0762

    Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake... Read more

    • Published: May. 14, 2024
    • Modified: Jul. 28, 2025

  • 7.8

    HIGH
    CVE-2023-5058

    Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.... Read more

    Affected Products : securecore_technology
    • Published: Dec. 07, 2023
    • Modified: Jul. 28, 2025

  • 7.8

    HIGH
    CVE-2023-35841

    Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.... Read more

    Affected Products :
    • Published: May. 14, 2024
    • Modified: Jul. 28, 2025

  • 8.4

    HIGH
    CVE-2023-31100

    Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from ... Read more

    Affected Products : securecore_technology
    • Published: Nov. 15, 2023
    • Modified: Jul. 28, 2025

  • 9.0

    HIGH
    CVE-2014-9193

    Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting.... Read more

    Affected Products : mguard_firmware
    • Published: Dec. 20, 2014
    • Modified: Jul. 28, 2025

  • 7.8

    HIGH
    CVE-2025-7242

    IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7243

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7244

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7246

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7241

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to ... Read more

    Affected Products : irfanview cadimage
    • Published: Jul. 21, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2025-8037

    Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunde... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Misconfiguration

  • 6.5

    MEDIUM
    CVE-2025-8033

    The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, T... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-8032

    XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Jul. 22, 2025
    • Modified: Jul. 28, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293186 Results