Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2017-5976

Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file....

Affected Products : debian_linux zziplib zziplib
EPSS Score: %0.63

Published: Mar. 01, 2017

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via ...

Affected Products : ubuntu_linux zziplib zziplib
EPSS Score: %0.44

Published: Feb. 02, 2018

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2018-7727

An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack....

Affected Products : enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation zziplib zziplib
EPSS Score: %0.09

Published: Mar. 06, 2018

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2018-7725

An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service....

Affected Products : ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation zziplib zziplib
EPSS Score: %0.35

Published: Mar. 06, 2018

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2018-6542

In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c....

Affected Products : zziplib zziplib
EPSS Score: %0.28

Published: Feb. 02, 2018

Modified: Jul. 10, 2025
5.5

MEDIUM

CVE-2025-27736

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 +4 more products
Published: Apr. 08, 2025

Modified: Jul. 10, 2025

Vuln Type: Information Disclosure
6.0

MEDIUM

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows +5 more products
Published: Apr. 08, 2025

Modified: Jul. 10, 2025

Vuln Type: Authorization
6.3

MEDIUM

CVE-2024-32231

Stash up to v0.25.1 was discovered to contain a SQL injection vulnerability via the sort parameter....

Affected Products : stash
Published: Aug. 15, 2024

Modified: Jul. 10, 2025
7.8

HIGH

CVE-2025-27733

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows windows_server_2012_r2 windows_server_2008_r2 +1 more products
Published: Apr. 08, 2025

Modified: Jul. 10, 2025

Vuln Type: Memory Corruption
6.5

MEDIUM

CVE-2024-45993

Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb....

Affected Products : giflib
Published: Sep. 30, 2024

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2024-43346

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a through 6.0.3....

Affected Products : modal_window
Published: Aug. 18, 2024

Modified: Jul. 10, 2025
6.5

MEDIUM

CVE-2025-26664

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +2 more products
Published: Apr. 08, 2025

Modified: Jul. 10, 2025

Vuln Type: Information Disclosure
5.4

MEDIUM

CVE-2024-45920

A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature....

Affected Products : solvait
Published: Sep. 30, 2024

Modified: Jul. 10, 2025
7.5

HIGH

CVE-2024-44860

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request....

Affected Products : solvait
Published: Sep. 26, 2024

Modified: Jul. 10, 2025
8.1

HIGH

CVE-2025-26663

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Apr. 08, 2025

Modified: Jul. 10, 2025

Vuln Type: Memory Corruption
7.5

HIGH

CVE-2025-37097

A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service...

Affected Products : insight_remote_support
Published: Jul. 01, 2025

Modified: Jul. 10, 2025

Vuln Type: Denial of Service
8.1

HIGH

CVE-2024-41659

memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a c...

Affected Products : memos
Published: Aug. 20, 2024

Modified: Jul. 10, 2025
7.5

HIGH

CVE-2025-37098

A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646....

Affected Products : insight_remote_support
Published: Jul. 01, 2025

Modified: Jul. 10, 2025

Vuln Type: Path Traversal
4.3

MEDIUM

CVE-2024-6883

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up...

Affected Products : event_espresso
Published: Aug. 21, 2024

Modified: Jul. 10, 2025
9.8

CRITICAL

CVE-2025-37099

A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646....

Affected Products : insight_remote_support
Published: Jul. 01, 2025

Modified: Jul. 10, 2025

Showing 20 of 291741 Results

1
...
550
551
552
553
554
555
556
...
14588

Latest CVE Feed

5.5

6.5

6.5

6.5

6.5

5.5

6.0

6.3

7.8

6.5

6.5

6.5

5.4

7.5

8.1

7.5

8.1

7.5

4.3

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable