Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-51532

    Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary sy... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 29, 2025

  • 7.8

    HIGH
    CVE-2024-35141

    IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.... Read more

    Affected Products : db2 security_verify_access_docker
    • Published: Dec. 19, 2024
    • Modified: Jan. 29, 2025

  • 5.4

    MEDIUM
    CVE-2024-12121

    The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the 'moblc_check_link' function. This makes it possible for authenticated attackers, with Author-level... Read more

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-10548

    The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List ('/wp-json/pm/v2/projects/1/task-lists') REST API endpoint. This makes it possible for authe... Read more

    Affected Products : wp_project_manager
    • Published: Dec. 19, 2024
    • Modified: Feb. 05, 2025

  • 6.5

    MEDIUM
    CVE-2023-30443

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query.... Read more

    Affected Products : linux_kernel aix hp-ux db2 solaris windows
    • Published: Dec. 19, 2024
    • Modified: Jan. 31, 2025

  • 4.8

    MEDIUM
    CVE-2023-23357

    A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read applicat... Read more

    Affected Products : qulog_center
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 5.5

    MEDIUM
    CVE-2023-23356

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed t... Read more

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 7.3

    HIGH
    CVE-2023-23354

    A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.... Read more

    Affected Products : qulog_center
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2022-27600

    An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vuln... Read more

    Affected Products : quts_hero qts qutscloud
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2022-27595

    An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerab... Read more

    Affected Products : qvpn
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 4.6

    MEDIUM
    CVE-2022-33954

    IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials.... Read more

    Affected Products : robotic_process_automation windows
    • Published: Dec. 19, 2024
    • Modified: Mar. 27, 2025

  • 7.5

    HIGH
    CVE-2021-39081

    IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.... Read more

    Affected Products : cognos_analytics_mobile
    • Published: Dec. 19, 2024
    • Modified: Jul. 29, 2025

  • 6.5

    MEDIUM
    CVE-2024-55603

    Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has exceeded. Kanboard implements a cutom session handler (`app/Core/Session/SessionHandler.php`), to... Read more

    Affected Products : kanboard
    • Published: Dec. 19, 2024
    • Modified: Mar. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-21586

    Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an appli... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44520

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-44519

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44518

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-44517

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44516

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44515

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025
Showing 20 of 293329 Results