Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.9

    HIGH
    CVE-2024-53011

    Information disclosure may occur due to improper permission and access controls to Video Analytics engine.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2024-49836

    Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-45580

    Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43062

    Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43061

    Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43060

    Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43059

    Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-43057

    Memory corruption while processing command in Glink linux.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-43056

    Transient DOS during hypervisor virtual I/O operation in a virtual machine.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-43055

    Memory corruption while processing camera use case IOCTL call.... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-43051

    Information disclosure while deriving keys for a session for any Widevine use case.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Cryptography

  • 5.4

    MEDIUM
    CVE-2024-38426

    While processing the authentication message in UE, improper authentication may lead to information disclosure.... Read more

    • Published: Mar. 03, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2024-24778

    Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was know. This issue affects Apache StreamPipes: through 0.95.1. Users are recommended to upgrade to version 0.97.0 which... Read more

    Affected Products : streampipes
    • Published: Mar. 03, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Authorization

  • 5.4

    MEDIUM
    CVE-2024-10925

    A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows a Guest user to read Security policy YAML... Read more

    Affected Products : gitlab
    • Published: Mar. 03, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Information Disclosure

  • 5.4

    MEDIUM
    CVE-2024-8186

    An issue has been discovered in GitLab CE/EE affecting all versions from 16.6 before 17.7.6, 17.8 before 17.8.4, and 17.9 before 17.9.1. An attacker could inject HMTL into the child item search potentially leading to XSS in certain situations.... Read more

    Affected Products : gitlab
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-25280

    Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device ... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-24846

    Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sen... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-24654

    Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.05.... Read more

    Affected Products : seo_plugin_by_squirrly_seo
    • Published: Mar. 03, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Authorization

  • 10.0

    CRITICAL
    CVE-2025-1867

    Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3.... Read more

    Affected Products : libhv
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Misconfiguration

  • 10.0

    CRITICAL
    CVE-2025-1866

    Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in... Read more

    Affected Products :
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292758 Results