Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-51583

    Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not require... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 8.8

    HIGH
    CVE-2023-51584

    Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.5

    HIGH
    CVE-2025-29816

    Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2023-51585

    Voltronic Power ViewPower USBCommEx shutdown Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is requir... Read more

    Affected Products : viewpower viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 9.8

    CRITICAL
    CVE-2024-40394

    Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php.... Read more

    Affected Products : simple_library_management_system
    • Published: Jul. 16, 2024
    • Modified: Jul. 09, 2025

  • 8.8

    HIGH
    CVE-2025-29794

    Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2023-51586

    Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not requi... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.2

    HIGH
    CVE-2025-29793

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2023-51587

    Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower. Authentication is... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.3

    HIGH
    CVE-2025-29792

    Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-29791

    Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2023-51588

    Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.8

    HIGH
    CVE-2025-27752

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2023-51590

    Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.8

    HIGH
    CVE-2025-27751

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 4.9

    MEDIUM
    CVE-2025-1769

    The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.0 via the download_file() function. This makes it possible for authenticated at... Read more

    • Published: Mar. 26, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Path Traversal

  • 7.5

    HIGH
    CVE-2023-51591

    Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authenti... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025

  • 7.8

    HIGH
    CVE-2025-27750

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27749

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Apr. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2023-51593

    Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not require... Read more

    Affected Products : viewpower
    • Published: May. 03, 2024
    • Modified: Jul. 09, 2025
Showing 20 of 291878 Results