Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-0252

    There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803... Read more

    Affected Products : android
    • EPSS Score: %0.20
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-24260

    A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.... Read more

    Affected Products : voipmonitor
    • EPSS Score: %89.80
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-50494

    Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for WooCommerce: from n/a through 1.2.2.... Read more

    Affected Products :
    • Published: Oct. 29, 2024
    • Modified: Oct. 29, 2024

  • 10.0

    CRITICAL
    CVE-2018-1000644

    Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This ... Read more

    Affected Products : rdf4j
    • EPSS Score: %0.38
    • Published: Aug. 20, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-8731

    PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.... Read more

    Affected Products : phpmemcachedadmin
    • EPSS Score: %47.14
    • Published: Mar. 23, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    CRITICAL
    CVE-2024-52379

    Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies Sdn Bhd kineticPay for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through 2.0.8.... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024

  • 10.0

    HIGH
    CVE-2014-9373

    Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename.... Read more

    Affected Products : netflow_analyzer netflow_analyzer
    • EPSS Score: %9.01
    • Published: Dec. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-29394

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.... Read more

    Affected Products : n600r_firmware n600r
    • EPSS Score: %0.46
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-0229

    The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted session on TCP port 14000 to (1) ihDataArchiv... Read more

    • EPSS Score: %4.32
    • Published: Mar. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2025-32510

    Unrestricted Upload of File with Dangerous Type vulnerability in Ovatheme Ovatheme Events Manager allows Using Malicious Files.This issue affects Ovatheme Events Manager: from n/a through 1.8.4.... Read more

    Affected Products :
    • Published: Jun. 17, 2025
    • Modified: Jul. 30, 2025

  • 10.0

    CRITICAL
    CVE-2020-8974

    In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusab... Read more

    • EPSS Score: %0.09
    • Published: Oct. 17, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-3418

    config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.... Read more

    Affected Products : netmri
    • EPSS Score: %27.21
    • Published: Jul. 15, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2006-4461

    Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.... Read more

    Affected Products : ipcheck_server_monitor
    • EPSS Score: %0.39
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2025-47687

    Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects StoreKeeper for WooCommerce: from n/a through 14.4.4.... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025

  • 10.0

    HIGH
    CVE-2022-25445

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.... Read more

    Affected Products : ac6_firmware ac6
    • EPSS Score: %2.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-25451

    Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function.... Read more

    Affected Products : ac6_firmware ac6
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-25452

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function.... Read more

    Affected Products : ac6_firmware ac6
    • EPSS Score: %0.39
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-29127

    An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppa... Read more

    • EPSS Score: %0.54
    • Published: Nov. 30, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-25521

    NUUO v03.11.00 was discovered to contain access control issue.... Read more

    Affected Products : network_video_recorder_firmware
    • EPSS Score: %0.35
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-4643

    Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSER... Read more

    Affected Products : odyssey_access_client
    • EPSS Score: %4.09
    • Published: Feb. 15, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 290983 Results