Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2022-44513

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44512

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.2

    MEDIUM
    CVE-2021-29827

    IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions... Read more

    • Published: Dec. 19, 2024
    • Modified: Mar. 12, 2025

  • 5.4

    MEDIUM
    CVE-2021-20553

    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr... Read more

    Affected Products : sterling_b2b_integrator
    • Published: Dec. 19, 2024
    • Modified: Mar. 06, 2025

  • 7.5

    HIGH
    CVE-2024-56319

    In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion).... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Dec. 31, 2024

  • 7.5

    HIGH
    CVE-2024-56318

    In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Jan. 02, 2025

  • 7.5

    HIGH
    CVE-2024-56317

    In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no ent... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Jan. 02, 2025

  • 8.8

    HIGH
    CVE-2024-56116

    A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account.... Read more

    Affected Products : amiro.cms
    • Published: Dec. 18, 2024
    • Modified: Apr. 23, 2025

  • 6.1

    MEDIUM
    CVE-2024-56115

    A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting (XSS) attack.... Read more

    Affected Products : amiro.cms
    • Published: Dec. 18, 2024
    • Modified: Apr. 23, 2025

  • 8.8

    HIGH
    CVE-2024-55506

    An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 18, 2024
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-55461

    SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext().... Read more

    Affected Products : seacms
    • Published: Dec. 18, 2024
    • Modified: Mar. 28, 2025

  • 5.4

    MEDIUM
    CVE-2024-55239

    A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulo_documento' parameter.... Read more

    Affected Products : i-educar
    • Published: Dec. 18, 2024
    • Modified: Jul. 03, 2025

  • 7.5

    HIGH
    CVE-2024-53580

    iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Apr. 04, 2025

  • 9.1

    CRITICAL
    CVE-2024-43106

    A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigge... Read more

    Affected Products : excel
    • Published: Dec. 18, 2024
    • Modified: Aug. 22, 2025

  • 9.1

    CRITICAL
    CVE-2024-42220

    A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to ... Read more

    Affected Products : outlook
    • Published: Dec. 18, 2024
    • Modified: Aug. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-42004

    A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library... Read more

    Affected Products : teams
    • Published: Dec. 18, 2024
    • Modified: Aug. 26, 2025

  • 9.1

    CRITICAL
    CVE-2024-41165

    A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger ... Read more

    Affected Products : word
    • Published: Dec. 18, 2024
    • Modified: Aug. 22, 2025

  • 7.1

    HIGH
    CVE-2024-41159

    A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to tr... Read more

    Affected Products : onenote
    • Published: Dec. 18, 2024
    • Modified: Aug. 25, 2025

  • 9.8

    CRITICAL
    CVE-2024-41145

    A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious appl... Read more

    Affected Products : teams
    • Published: Dec. 18, 2024
    • Modified: Aug. 26, 2025

  • 9.8

    CRITICAL
    CVE-2024-41138

    A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission ... Read more

    Affected Products : teams
    • Published: Dec. 18, 2024
    • Modified: Aug. 26, 2025
Showing 20 of 293328 Results