Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2025-26643

    The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.... Read more

    Affected Products : edge_chromium
    • Published: Mar. 07, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-27607

    Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the na... Read more

    Affected Products : python_json_logger
    • Published: Mar. 07, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Supply Chain

  • 7.5

    HIGH
    CVE-2025-27604

    XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fi... Read more

    Affected Products : confluence_migrator
    • Published: Mar. 07, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Information Disclosure

  • 7.1

    HIGH
    CVE-2025-0162

    IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resource... Read more

    Affected Products : aspera_shares
    • Published: Mar. 07, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: XML External Entity

  • 5.1

    MEDIUM
    CVE-2024-53700

    A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following... Read more

    Affected Products :
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Injection

  • 2.1

    LOW
    CVE-2024-53699

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2024-53698

    A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2024-53697

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.1

    MEDIUM
    CVE-2024-53696

    A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerabili... Read more

    Affected Products : quts_hero qts qulog_center
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Server-Side Request Forgery

  • 6.3

    MEDIUM
    CVE-2024-53695

    A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS ... Read more

    Affected Products :
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 8.6

    HIGH
    CVE-2024-53694

    A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resour... Read more

    Affected Products :
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Race Condition

  • 7.1

    HIGH
    CVE-2024-53693

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify applicatio... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Injection

  • 5.1

    MEDIUM
    CVE-2024-53692

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed t... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-50405

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify a... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Injection

  • 7.7

    HIGH
    CVE-2024-50394

    An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version... Read more

    Affected Products : helpdesk
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Cryptography

  • 7.7

    HIGH
    CVE-2024-50390

    A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and late... Read more

    Affected Products :
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2024-48864

    A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in th... Read more

    Affected Products : file_station
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Authorization

  • 2.1

    LOW
    CVE-2024-38638

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2024-13086

    An exposure of sensitive information vulnerability has been reported to affect product. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versio... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Information Disclosure

  • 1.0

    LOW
    CVE-2024-12975

    A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.... Read more

    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292810 Results