Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2025-40712

    SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-40717

    SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pagina.filter.categoria mensaje in /QuiterGatewayWeb/api/v1/sucesospagin... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-34096

    A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to p... Read more

    Affected Products :
    • Published: Jul. 10, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Memory Corruption

  • 9.3

    CRITICAL
    CVE-2025-24759

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory allows Blind SQL Injection. This issue affects WP-BusinessDirectory: from n/a throu... Read more

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2013-10051

    A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and ex... Read more

    Affected Products : instantcms
    • Published: Aug. 01, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-53417

    DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability... Read more

    Affected Products :
    • Published: Aug. 05, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Path Traversal

  • 9.3

    CRITICAL
    CVE-2010-10013

    An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as Pydio Cells) versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied i... Read more

    Affected Products : ajaxplorer
    • Published: Aug. 08, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2012-10038

    Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These file... Read more

    Affected Products :
    • Published: Aug. 11, 2025
    • Modified: Aug. 11, 2025
    • Vuln Type: Authentication

  • 9.3

    CRITICAL
    CVE-2025-52720

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection. This issue affects Super Store Finder: from n/a through 7.5.... Read more

    Affected Products : super_store_finder
    • Published: Aug. 14, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2016-6704

    An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the co... Read more

    Affected Products : android
    • EPSS Score: %0.17
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6705

    An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privile... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6707

    An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Hig... Read more

    Affected Products : android
    • EPSS Score: %2.05
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6730

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of ... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6732

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of ... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6734

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of ... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6735

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of ... Read more

    Affected Products : android
    • EPSS Score: %0.11
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6741

    An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6745

    An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first re... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6699

    A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critic... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Dec. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6706

    An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because ... Read more

    Affected Products : android
    • EPSS Score: %0.12
    • Published: Dec. 13, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291641 Results