Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-24911

    In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Se... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-57962

    Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2024-57961

    Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.... Read more

    Affected Products : emui harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Memory Corruption

  • 7.7

    HIGH
    CVE-2024-57960

    Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2024-57959

    Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.... Read more

    Affected Products : emui harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-57958

    Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.... Read more

    Affected Products : emui harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-57957

    Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-57956

    Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-57955

    Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-57954

    Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-12602

    Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Feb. 06, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2025-0982

    Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will ... Read more

    Affected Products : application_integration
    • Published: Feb. 06, 2025
    • Modified: Jul. 30, 2025

  • 7.5

    HIGH
    CVE-2024-45626

    Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this is... Read more

    Affected Products : james james_server
    • Published: Feb. 06, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Denial of Service

  • 8.6

    HIGH
    CVE-2024-37358

    Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version... Read more

    Affected Products : james james_server
    • Published: Feb. 06, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-0859

    The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, ... Read more

    • Published: Feb. 06, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Path Traversal

  • 6.3

    MEDIUM
    CVE-2025-24845

    Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where t... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-24483

    NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-23236

    Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-22894

    Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrar... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-20094

    Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrar... Read more

    Affected Products :
    • Published: Feb. 06, 2025
    • Modified: Feb. 06, 2025
    • Vuln Type: Authentication
Showing 20 of 291384 Results