Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-58042

    In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedule_work outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2024-58034

    In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_b... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 21, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-58022

    In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix a NULL vs IS_ERR() bug The devm_ioremap() function doesn't return error pointers, it returns NULL. Update the error checking to match.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025

  • 6.1

    MEDIUM
    CVE-2024-54957

    Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their... Read more

    Affected Products : nagios_xi
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2024-53944

    An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote attacker with network access can exploit a command injectio... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2024-53408

    AVE System Web Client v2.1.131.13992 was discovered to contain a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.1

    MEDIUM
    CVE-2025-22624

    FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensio... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-0767

    WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in myapp/classes/Writers/class-csv-writer.php.... Read more

    Affected Products : wp_activity_log
    • Published: Feb. 27, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2025-27399

    Mastodon is a self-hosted, federated microblogging platform. In versions prior to 4.1.23, 4.2.16, and 4.3.4, when the visibility for domain blocks/reasons is set to "users" (localized English string: "To logged-in users"), users that are not yet approved ... Read more

    Affected Products : mastodon
    • Published: Feb. 27, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-1745

    A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This vulnerability affects unknown code of the component Logout. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploi... Read more

    Affected Products : pb-cms
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 6.9

    MEDIUM
    CVE-2025-1743

    A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack ... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Path Traversal

  • 5.3

    MEDIUM
    CVE-2025-27157

    Mastodon is a self-hosted, federated microblogging platform. Starting in version 4.2.0 and prior to versions 4.2.16 and 4.3.4, the rate limits are missing on `/auth/setup`. Without those rate limits, an attacker can craft requests that will send an email ... Read more

    Affected Products : mastodon
    • Published: Feb. 27, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-25329

    An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user information via supplying a crafted link.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Information Disclosure

  • 7.1

    HIGH
    CVE-2025-23687

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simonhunter Woo Store Mode allows Reflected XSS. This issue affects Woo Store Mode: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-1742

    A vulnerability, which was classified as problematic, has been found in pihome-shc PiHome 2.0. Affected by this issue is some unknown functionality of the file /home.php. The manipulation of the argument page_name leads to cross site scripting. The attack... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2024-9285

    A vulnerability was found in Tu Yafeng Via Browser up to 5.9.0 on Android. It has been rated as problematic. This issue affects some unknown processing of the component Javascript Bridge. The manipulation leads to cross site scripting. The attack may be i... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.5

    MEDIUM
    CVE-2025-25334

    An issue in Suning Commerce Group Suning EMall iOS 9.5.198 allows attackers to access sensitive user information via supplying a crafted link.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-25333

    An issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via supplying a crafted link.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-25331

    An issue in Beitatong Technology LianJia iOS 9.83.50 allows attackers to access sensitive user information via supplying a crafted link.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-25330

    An issue in Boohee Technology Boohee Health iOS 13.0.13 allows attackers to access sensitive user information via supplying a crafted link.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291878 Results