Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-48349

    In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48348

    In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48347

    In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48346

    In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48344

    In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48343

    In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 4.4

    MEDIUM
    CVE-2023-48342

    In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48341

    In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-48340

    In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 4.4

    MEDIUM
    CVE-2023-48339

    In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 18, 2024
    • Modified: Jun. 20, 2025

  • 6.1

    MEDIUM
    CVE-2023-48104

    Alinto SOGo before 5.9.1 is vulnerable to HTML Injection.... Read more

    Affected Products : sogo
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025

  • 4.3

    MEDIUM
    CVE-2024-30370

    RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in tha... Read more

    Affected Products : winrar
    • Published: Apr. 02, 2024
    • Modified: Jun. 20, 2025

  • 4.8

    MEDIUM
    CVE-2024-37773

    An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as administrators to inject arbitrary HTML code in an admin screen.... Read more

    Affected Products : dctrack
    • Published: Dec. 16, 2024
    • Modified: Jun. 20, 2025

  • 7.8

    HIGH
    CVE-2023-40477

    RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit ... Read more

    Affected Products : winrar
    • Published: May. 03, 2024
    • Modified: Jun. 20, 2025

  • 5.3

    MEDIUM
    CVE-2024-56128

    Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 58... Read more

    Affected Products : kafka
    • Published: Dec. 18, 2024
    • Modified: Jun. 20, 2025

  • 7.5

    HIGH
    CVE-2025-2056

    The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of... Read more

    Affected Products : hide_my_wp_ghost
    • Published: Mar. 14, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Path Traversal

  • 4.3

    MEDIUM
    CVE-2024-55897

    IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes ... Read more

    Affected Products : i i powerha_system_mirror
    • Published: Jan. 03, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Misconfiguration

  • 9.3

    CRITICAL
    CVE-2025-22275

    iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote log... Read more

    Affected Products : iterm2
    • Published: Jan. 03, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2024-33894

    Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges.... Read more

    • Published: Aug. 02, 2024
    • Modified: Jun. 20, 2025

  • 3.1

    LOW
    CVE-2024-51472

    IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensiti... Read more

    Affected Products : urbancode_deploy devops_deploy
    • Published: Jan. 06, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 293620 Results