Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-22884

    Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file.... Read more

    Affected Products : ispsoft
    • Published: Apr. 30, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-22882

    Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.... Read more

    Affected Products : ispsoft
    • Published: Apr. 30, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2025-5915

    A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read b... Read more

    • Published: Jun. 09, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Memory Corruption

  • 5.4

    MEDIUM
    CVE-2024-20377

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is ... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 25, 2025

  • 7.8

    HIGH
    CVE-2025-33027

    In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Bandizip. User interaction is required to exploit this... Read more

    Affected Products : bandizip
    • Published: Apr. 15, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Misconfiguration

  • 4.4

    MEDIUM
    CVE-2022-41066

    Microsoft Business Central Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.29
    • Published: Nov. 09, 2022
    • Modified: Aug. 25, 2025

  • 3.5

    LOW
    CVE-2025-31494

    AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graph_id+g... Read more

    Affected Products : autogpt autogpt_platform
    • Published: Apr. 15, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2023-52226

    Cross-Site Request Forgery (CSRF) vulnerability in Advanced Flamingo.This issue affects Advanced Flamingo: from n/a through 1.0. ... Read more

    Affected Products : advanced-flamingo advanced_flamingo
    • Published: Feb. 28, 2024
    • Modified: Aug. 25, 2025

  • 7.8

    HIGH
    CVE-2023-35709

    Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulne... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 25, 2025

  • 7.8

    HIGH
    CVE-2023-34310

    Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerabili... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 25, 2025

  • 7.8

    HIGH
    CVE-2023-42105

    Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: May. 03, 2024
    • Modified: Aug. 25, 2025

  • 9.8

    CRITICAL
    CVE-2025-32756

    A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through ... Read more

    • Actively Exploited
    • Published: May. 13, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-50578

    LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically `X-Forwarded-Host` and `Referer`. An unauthenticated remote attacker can manipulate these headers to perform Host Header Injection and ... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Misconfiguration

  • 8.2

    HIGH
    CVE-2025-36014

    IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory.... Read more

    • Published: Jul. 07, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-36401

    GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially craf... Read more

    Affected Products : geoserver geotools geoserver
    • Actively Exploited
    • Published: Jul. 01, 2024
    • Modified: Aug. 25, 2025

  • 7.5

    HIGH
    CVE-2025-29361

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/SetVirtualServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29362

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/setPptpUserList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29363

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to buffer overflow via the schedStartTime and schedEndTime parameters at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pack... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2025-4357

    A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet. The manipulation leads to command injection. The attack may be initiated remotely. The exploit ... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: May. 06, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-49663

    Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.... Read more

    • Published: Jul. 08, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291921 Results