Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2025-53187

    Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access f... Read more

    Affected Products :
    • Published: Aug. 11, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Authentication

  • 8.1

    HIGH
    CVE-2024-47258

    2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. 2N has currently released an updated version 3.3 of 2N Access Commander, with added Certifi... Read more

    Affected Products : access_commander
    • Published: Feb. 06, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2024-47255

    In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions.... Read more

    Affected Products : access_commander
    • Published: Nov. 05, 2024
    • Modified: Sep. 04, 2025

  • 7.2

    HIGH
    CVE-2024-47254

    In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system.... Read more

    Affected Products : access_commander
    • Published: Nov. 05, 2024
    • Modified: Sep. 04, 2025

  • 9.8

    CRITICAL
    CVE-2025-5310

    Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.... Read more

    Affected Products :
    • Published: Jun. 27, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Misconfiguration

  • 7.1

    HIGH
    CVE-2024-39550

    A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port... Read more

    Affected Products : junos mx240 mx480 mx960
    • Published: Jul. 11, 2024
    • Modified: Sep. 04, 2025

  • 6.5

    MEDIUM
    CVE-2023-50224

    TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is no... Read more

    Affected Products : tl-wr841n_firmware tl-wr841n
    • Actively Exploited
    • Published: May. 03, 2024
    • Modified: Sep. 04, 2025

  • 8.1

    HIGH
    CVE-2025-3935

    ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys.  It is important to n... Read more

    Affected Products : screenconnect
    • Actively Exploited
    • Published: Apr. 25, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Injection

  • 10.0

    HIGH
    CVE-2022-2068

    In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292... Read more

    • Published: Jun. 21, 2022
    • Modified: Sep. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-36535

    Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.... Read more

    Affected Products : meshery
    • Published: Jul. 24, 2024
    • Modified: Sep. 03, 2025

  • 7.0

    HIGH
    CVE-2024-42050

    The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg.... Read more

    Affected Products : streamer
    • Published: Jul. 28, 2024
    • Modified: Sep. 03, 2025

  • 7.8

    HIGH
    CVE-2024-42051

    The MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg.... Read more

    Affected Products : streamer
    • Published: Jul. 28, 2024
    • Modified: Sep. 03, 2025

  • 7.8

    HIGH
    CVE-2024-42053

    The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder.... Read more

    Affected Products : streamer
    • Published: Jul. 28, 2024
    • Modified: Sep. 03, 2025

  • 5.3

    MEDIUM
    CVE-2024-45165

    An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "(c)2007 UCI Software GmbH B.Boll" (without quotes). The key is both static and ... Read more

    Affected Products : idol2
    • Published: Aug. 22, 2024
    • Modified: Sep. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-45166

    An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (D... Read more

    Affected Products : idol2
    • Published: Aug. 22, 2024
    • Modified: Sep. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-45167

    An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (D... Read more

    Affected Products : idol2
    • Published: Aug. 22, 2024
    • Modified: Sep. 03, 2025

  • 9.1

    CRITICAL
    CVE-2024-45168

    An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable.... Read more

    Affected Products : idol2
    • Published: Aug. 22, 2024
    • Modified: Sep. 03, 2025

  • 4.3

    MEDIUM
    CVE-2024-43031

    autMan v2.9.6 was discovered to contain an access control issue.... Read more

    Affected Products : autman
    • Published: Aug. 23, 2024
    • Modified: Sep. 03, 2025

  • 4.3

    MEDIUM
    CVE-2024-43032

    autMan v2.9.6 allows attackers to bypass authentication via a crafted web request.... Read more

    Affected Products : autman
    • Published: Aug. 23, 2024
    • Modified: Sep. 03, 2025

  • 7.5

    HIGH
    CVE-2022-34661

    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < ... Read more

    Affected Products : teamcenter
    • Published: Aug. 10, 2022
    • Modified: Sep. 03, 2025
Showing 20 of 293192 Results