Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2025-66406

    Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. ... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Authorization

  • 6.4

    MEDIUM
    CVE-2025-13448

    The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' shortcode attribute in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possibl... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2025-66431

    WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management... Read more

    Affected Products : plesk
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Authorization

  • 8.7

    HIGH
    CVE-2025-12385

    Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects us... Read more

    Affected Products : qt
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 7.1

    HIGH
    CVE-2025-65097

    RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. Prior to 4.4.1 and 4.4.1-beta.2, an Authenticated User can delete collections belonging to other users by directly sending a DEL... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-20750

    In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20751

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interacti... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-20752

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interacti... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +39 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20753

    In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interactio... Read more

    Affected Products : nr15 nr16 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 +32 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20754

    In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +54 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20755

    In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20756

    In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +28 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20757

    In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-20758

    In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interactio... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +54 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-20759

    In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User int... Read more

    Affected Products : nr15 nr16 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 +36 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-20763

    In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: A... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 mt6883 mt6885 +18 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-20764

    In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +24 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2025-20765

    In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Is... Read more

    Affected Products : android openwrt yocto mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 +43 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-20766

    In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID:... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +22 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-20767

    In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALP... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +22 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5356 Results