Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2025-0547

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Software Bizmu allows Cross-Site Scripting (XSS).This issue affects Bizmu: from 2.27.0 through 20250212.... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2025-6237

    A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/{bulk_download_item_name} endpoint. By manipulating the filename arguments, attackers can rea... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 5.3

    MEDIUM
    CVE-2025-8463

    Authorization Bypass Through User-Controlled Key vulnerability in SecHard Information Technologies SecHard allows Parameter Injection.This issue affects SecHard: before 3.6.2-20250805.... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-46593

    Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 6.2

    MEDIUM
    CVE-2025-46591

    Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.1

    HIGH
    CVE-2025-46589

    Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.7

    HIGH
    CVE-2025-46588

    Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-46586

    Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: May. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-31174

    Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 6.8

    MEDIUM
    CVE-2025-31171

    File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Apr. 07, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 6.8

    MEDIUM
    CVE-2025-27521

    Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-10493

    The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthentic... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-9136

    Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 27, 2024
    • Modified: Sep. 18, 2025

  • 6.2

    MEDIUM
    CVE-2024-58050

    Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2024-58046

    Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Mar. 04, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-57955

    Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-57954

    Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-56439

    Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2024-56438

    Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-56436

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Jan. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 294530 Results