Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2025-10838

    A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function sub_45BB10 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to buffer overflow. It is possible to initiate the attack remo... Read more

    Affected Products : ac21_firmware
    • Published: Sep. 23, 2025
    • Modified: Sep. 24, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10757

    A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated rem... Read more

    Affected Products :
    • Published: Sep. 21, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10773

    A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. Affected by this issue is the function delshrpath of the file /goform/set_delshrpath_cfg of the component Web Management Interface. The manipulation of the argument Type results in stack... Read more

    Affected Products :
    • Published: Sep. 22, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10948

    A vulnerability has been found in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow. The attack is possible to be carried out remotel... Read more

    Affected Products :
    • Published: Sep. 25, 2025
    • Modified: Sep. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10815

    A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overfl... Read more

    Affected Products : ac20_firmware
    • Published: Sep. 22, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    CRITICAL
    CVE-2025-55244

    Azure Bot Service Elevation of Privilege Vulnerability... Read more

    Affected Products : azure_bot_service
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025

  • 9.0

    CRITICAL
    CVE-2025-53690

    Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.... Read more

    • Actively Exploited
    • Published: Sep. 03, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-9813

    A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack rem... Read more

    Affected Products : ch22_firmware ch22
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9812

    A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remo... Read more

    Affected Products : ch22_firmware ch22
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9780

    A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub_419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit ... Read more

    Affected Products : a702r_firmware a702r
    • Published: Sep. 01, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9782

    A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub_4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may ... Read more

    Affected Products : a702r_firmware a702r
    • Published: Sep. 01, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10942

    A vulnerability was identified in H3C Magic B3 up to 100R002. This affects the function AddMacList of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack can be initiated remotely. The exploit is publicly ... Read more

    Affected Products :
    • Published: Sep. 25, 2025
    • Modified: Sep. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10172

    A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. ... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 11, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9779

    A vulnerability was detected in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this vulnerability is the function sub_4162DC of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in buffer overflow. It is possible to launch th... Read more

    Affected Products : a702r_firmware a702r
    • Published: Sep. 01, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10171

    A vulnerability was detected in UTT 1250GW up to 3.2.2-200710. This vulnerability affects the function sub_453DC of the file /goform/formConfigApConfTemp. Performing manipulation results in buffer overflow. Remote exploitation of the attack is possible. T... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 11, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    CRITICAL
    CVE-2025-30039

    Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows takeover of any user session logged into the system, including users with admin privileges.... Read more

    Affected Products :
    • Published: Aug. 27, 2025
    • Modified: Aug. 29, 2025
    • Vuln Type: Authentication

  • 9.0

    HIGH
    CVE-2025-10792

    A security vulnerability has been detected in D-Link DIR-513 A1FW110. Affected is an unknown function of the file /goform/formWPS. Such manipulation of the argument webpage leads to buffer overflow. The attack may be performed from remote. The exploit has... Read more

    Affected Products : dir-513_firmware
    • Published: Sep. 22, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9526

    A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotel... Read more

    Affected Products :
    • Published: Aug. 27, 2025
    • Modified: Aug. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-9781

    A vulnerability has been found in TOTOLINK A702R 4.0.0-B20211108.1423. This affects the function sub_4162DC of the file /boafrm/formFilter. Such manipulation of the argument ip6addr leads to buffer overflow. The attack can be launched remotely. The exploi... Read more

    Affected Products : a702r_firmware a702r
    • Published: Sep. 01, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-10756

    A security flaw has been discovered in UTT HiPER 840G up to 3.1.1-190328. Impacted is an unknown function of the file /goform/getOneApConfTempEntry. The manipulation of the argument tempName results in buffer overflow. It is possible to launch the attack ... Read more

    Affected Products :
    • Published: Sep. 20, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4416 Results