Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-5612

    A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the argument fullname leads to sql injection. The attack can ... Read more

    Affected Products : online_fire_reporting_system
    • Published: Jun. 04, 2025
    • Modified: Jun. 06, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5621

    A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to os com... Read more

    Affected Products : dir-816_firmware dir-816
    • Published: Jun. 05, 2025
    • Modified: Jun. 06, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5636

    A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SET Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. ... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5637

    A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component SYSTEM Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The e... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5650

    A vulnerability classified as critical was found in 1000projects Online Notice Board 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotel... Read more

    Affected Products : online_notice_board
    • Published: Jun. 05, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5663

    A vulnerability has been found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-autoortaxi.php. The manipulation of the argument searchdata leads to sql injec... Read more

    • Published: Jun. 05, 2025
    • Modified: Jun. 06, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5664

    A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exp... Read more

    Affected Products : freefloat_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5665

    A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component XCWD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The ... Read more

    Affected Products : freefloat_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5666

    A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launche... Read more

    Affected Products : freefloat_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5675

    A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /trms/admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate lead... Read more

    • Published: Jun. 05, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5676

    A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql inj... Read more

    • Published: Jun. 05, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5677

    A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=save_application. The manipulation of the argument position_id le... Read more

    • Published: Jun. 05, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5756

    A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/EditCity.php. The manipulation leads to sql injection. T... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5759

    A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?editid=2. The manipulation of the argument editid leads to... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-24596

    Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Product Table Lite: from n/a through 3.8.7.... Read more

    • Published: Jan. 24, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2019-19608

    A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. A successful exploit could allow an attacke... Read more

    • Published: Mar. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-24601

    Deserialization of Untrusted Data vulnerability in ThimPress FundPress allows Object Injection. This issue affects FundPress: from n/a through 2.0.6.... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Jan. 27, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57595

    DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter "wps_pin" passed to the apc_client_pin.cgi binary through a P... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Jan. 27, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-24093

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-24146

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 293334 Results