Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.2

    HIGH
    CVE-2024-53026

    Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Information Disclosure

  • 8.2

    HIGH
    CVE-2024-53021

    Information disclosure may occur while processing goodbye RTCP packet from network.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Information Disclosure

  • 8.2

    HIGH
    CVE-2024-53020

    Information disclosure may occur while decoding the RTP packet with invalid header extension from network.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Information Disclosure

  • 8.2

    HIGH
    CVE-2024-53019

    Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.... Read more

    • Published: Jun. 03, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Information Disclosure

  • 6.6

    MEDIUM
    CVE-2024-53018

    Memory corruption may occur while processing the OIS packet parser.... Read more

    • Published: Jun. 03, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-53017

    Memory corruption while handling test pattern generator IOCTL command.... Read more

    • Published: Jun. 03, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-53016

    Memory corruption while processing I2C settings in Camera driver.... Read more

    • Published: Jun. 03, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-53015

    Memory corruption while processing IOCTL command to handle buffers associated with a session.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-53013

    Memory corruption may occur while processing voice call registration with user.... Read more

    • Published: Jun. 03, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-53010

    Memory corruption may occur while attaching VM when the HLOS retains access to VM.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-4797

    The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity prior to setting a... Read more

    Affected Products : golo
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authentication

  • 7.2

    HIGH
    CVE-2025-4224

    The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possibl... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.3

    MEDIUM
    CVE-2025-4047

    The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for au... Read more

    Affected Products : broken_link_checker
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authorization

  • 5.6

    MEDIUM
    CVE-2025-2939

    The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the args[callback] parameter . This makes it possible for unauth... Read more

    Affected Products : ninja_tables
    • Published: Jun. 03, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5419

    Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : chrome edge_chromium
    • Actively Exploited
    • Published: Jun. 03, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-5068

    Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)... Read more

    Affected Products : chrome edge_chromium
    • Published: Jun. 03, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Memory Corruption

  • 4.3

    MEDIUM
    CVE-2025-49164

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of cd1c2d78f2cba1f73ca7e697b4a485f49a8a7d0c8b0fdc9f51ced50f2530668a.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Cryptography

  • 6.7

    MEDIUM
    CVE-2025-49163

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting an arbitrary image via a crafted /usr/bin/gunzip file.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Misconfiguration

  • 6.4

    MEDIUM
    CVE-2025-49162

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.... Read more

    Affected Products :
    • Published: Jun. 03, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Misconfiguration

  • 6.4

    MEDIUM
    CVE-2025-3919

    The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to p... Read more

    • Published: Jun. 02, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Authentication
Showing 20 of 291722 Results