Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2025-0904

    PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor
    • Published: Feb. 11, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2025-0903

    PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to explo... Read more

    Affected Products : pdf-xchange_editor
    • Published: Feb. 11, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-0902

    PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor
    • Published: Feb. 11, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2025-0901

    PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulner... Read more

    Affected Products : pdf-xchange_editor
    • Published: Feb. 11, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-0899

    PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerabilit... Read more

    Affected Products : pdf-xchange_editor
    • Published: Feb. 11, 2025
    • Modified: Feb. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.3

    HIGH
    CVE-2024-21966

    A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Misconfiguration

  • 8.0

    HIGH
    CVE-2024-12833

    Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. Some user interaction on... Read more

    Affected Products : prtg_network_monitor
    • Published: Feb. 11, 2025
    • Modified: Feb. 18, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2024-12551

    Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is req... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 18, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-12550

    Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 20, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2024-12549

    Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is req... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2024-12548

    Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction i... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2024-12547

    Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is re... Read more

    Affected Products : power_pdf
    • Published: Feb. 11, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.3

    HIGH
    CVE-2023-31361

    A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2023-31360

    Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability Service installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Misconfiguration

  • 5.1

    MEDIUM
    CVE-2025-25524

    Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who successfully exploit this vulnerability can cause the remote t... Read more

    Affected Products : x6000r_firmware x6000r
    • Published: Feb. 11, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 5.9

    MEDIUM
    CVE-2025-25523

    Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can directly control the remote target device by successful... Read more

    Affected Products : teg-40128_firmware teg-40128
    • Published: Feb. 11, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Memory Corruption

  • 7.3

    HIGH
    CVE-2025-25522

    Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.... Read more

    Affected Products : wap610n_firmware wap610n
    • Published: Feb. 11, 2025
    • Modified: Jun. 06, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-25202

    Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used the magic link strategy _or_ are manually revoking token... Read more

    Affected Products : ash_authentication
    • Published: Feb. 11, 2025
    • Modified: Aug. 27, 2025
    • Vuln Type: Authentication

  • 5.1

    MEDIUM
    CVE-2022-35202

    A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessib... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 13, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-26495

    Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: before 2022.1.3, before 2021.4.8, before 2021.3.13, before 2021.2... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291616 Results