Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-29487

    An out-of-memory error in the parseABC_STRING_INFO function of libming v0.4.8 allows attackers to cause a Denial of Service (DoS) due to allocator exhaustion.... Read more

    Affected Products : libming
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-29486

    libming v0.4.8 was discovered to contain a memory leak via the parseSWF_PLACEOBJECT3 function.... Read more

    Affected Products : libming
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-29485

    libming v0.4.8 was discovered to contain a segmentation fault via the decompileRETURN function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SWF file.... Read more

    Affected Products : libming
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29484

    An out-of-memory error in the parseABC_NS_SET_INFO function of libming v0.4.8 allows attackers to cause a Denial of Service (DoS) due to allocator exhaustion.... Read more

    Affected Products : libming
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-29483

    libming v0.4.8 was discovered to contain a memory leak via the parseSWF_ENABLEDEBUGGER2 function.... Read more

    Affected Products : libming
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 4.3

    MEDIUM
    CVE-2025-22671

    Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-22670

    Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.7.2.... Read more

    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-22669

    Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through 2.7.5.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.5

    MEDIUM
    CVE-2025-22668

    Missing Authorization vulnerability in AwesomeTOGI Awesome Event Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Event Booking: from n/a through 2.7.2.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-22667

    Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through 1.8.2.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-22665

    Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through 2.4.4.... Read more

    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-22660

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wolfgang Include Mastodon Feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through 1.9.9.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22659

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44.... Read more

    Affected Products : orbit_fox
    • Published: Mar. 27, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-22658

    Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Appfolio allows Stored XSS.This issue affects Listings for Appfolio: from n/a through 1.2.0.... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.6

    HIGH
    CVE-2025-22652

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kendysond Payment Forms for Paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through 4.0.1.... Read more

    Affected Products : payment_forms_for_paystack
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Injection

  • 5.9

    MEDIUM
    CVE-2025-22649

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22.... Read more

    Affected Products : wp_project_manager
    • Published: Mar. 27, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22648

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Devs Blog, Posts and Category Filter for Elementor allows Stored XSS.This issue affects Blog, Posts and Category Filter for Elementor: from n/a th... Read more

    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.3

    MEDIUM
    CVE-2025-22647

    Missing Authorization vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor, Optimize, Compre... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-22646

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemes aThemes Addons for Elementor allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through 1.0.8.... Read more

    Affected Products : athemes_addons_for_elementor
    • Published: Mar. 27, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-22644

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeHunk Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce allows Stored XSS.This issue affects Vayu Blocks – Gutenberg Blocks for WordPress & ... Read more

    Affected Products :
    • Published: Mar. 27, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 292759 Results