Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-1354

    A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.... Read more

    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1490

    Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Ac... Read more

    • Published: Mar. 25, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-1331

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.... Read more

    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2025-31056

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Techspawn WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce allows SQL Injection. This issue affects Whats... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-31397

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartcms Bus Ticket Booking with Seat Reservation for WooCommerce allows SQL Injection. This issue affects Bus Ticket Booking with Seat Reservation for W... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-39501

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hostel allows Blind SQL Injection. This issue affects Goodlayers Hostel: from n/a through 3.1.2.... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-39504

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GoodLayers Goodlayers Hotel allows Blind SQL Injection. This issue affects Goodlayers Hotel: from n/a through 3.1.4.... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-46539

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFable Fable Extra allows Blind SQL Injection. This issue affects Fable Extra: from n/a through 1.0.6.... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-47640

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows SQL Injection. This issue affects Printcart Web to Print Product Designer for Wo... Read more

    Affected Products :
    • Published: May. 23, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2019-1311

    A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'.... Read more

    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1297

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.... Read more

    Affected Products : office office_365_proplus excel
    • Actively Exploited
    • Published: Sep. 11, 2019
    • Modified: Apr. 07, 2025

  • 9.3

    CRITICAL
    CVE-2025-40671

    SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an attacker to retrieve, create, update and delete databases via the ‘fk_remoto_central’ parameter on the ‘/webservices/articles.php’ endpoint.... Read more

    Affected Products :
    • Published: May. 26, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2025-40664

    Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser.... Read more

    Affected Products : gim
    • Published: May. 26, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Authentication

  • 9.3

    HIGH
    CVE-2019-1291

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-201... Read more

    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1472

    Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote... Read more

    • Published: Mar. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1465

    SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-... Read more

    Affected Products : joomla\! mambo com_restaurante
    • Published: Mar. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1444

    Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI... Read more

    • Published: Jun. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1434

    Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) s... Read more

    • Published: May. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-1188

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose ... Read more

    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1319

    Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a reques... Read more

    Affected Products : versant_object_database
    • Published: Mar. 13, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 294693 Results