Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    CVSS31
    CVE-2025-44614

    Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext.... Read more

    Affected Products :
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.5

    CVSS31
    CVE-2025-5334

    Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances... Read more

    Affected Products : remote_desktop_manager
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.5

    CVSS31
    CVE-2024-22654

    tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.5

    CVSS31
    CVE-2025-48331

    Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders & Customers Exporter allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Orders & Customers Exporter: from n/a through 5.0.... Read more

    Affected Products :
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.5

    CVSS31
    CVE-2024-54952

    MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Se... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.4

    CVSS31
    CVE-2025-2500

    A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.... Read more

    Affected Products :
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.4

    CVSS31
    CVE-2025-5276

    All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 29, 2025

  • 7.3

    CVSS31
    CVE-2025-46701

    Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 1... Read more

    Affected Products : tomcat
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5357

    A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PWD Command Handler. The manipulation leads to buffer overflow. The attack can be launched... Read more

    Affected Products : freefloat_ftp_server
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5356

    A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component BYE Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The e... Read more

    Affected Products : freefloat_ftp_server
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5331

    A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploi... Read more

    Affected Products : ftp_server
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5332

    A vulnerability was found in 1000 Projects Online Notice Board 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument email leads to sql injection. The attack may be initiated re... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5361

    A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. This issue affects some unknown processing of the file /contact.php. The manipulation of the argument fullname leads to sql injection. Th... Read more

    Affected Products : online_hospital_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5360

    A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /book-appointment.php. The manipulation of the argument doctor leads to sql injection. The attack can ... Read more

    Affected Products : online_hospital_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5363

    A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /doctor/index.php. The manipulation of the argument Username leads to sql ... Read more

    Affected Products : online_hospital_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5359

    A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /appointment-history.php. The manipulation of the argument ID leads to sql injection. It is possible to init... Read more

    Affected Products : online_hospital_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5330

    A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The ex... Read more

    Affected Products : freefloat_ftp_server
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5358

    A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/tod... Read more

    Affected Products : cyber_cafe_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-45474

    maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings.... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.3

    CVSS31
    CVE-2025-5362

    A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql... Read more

    Affected Products : online_hospital_management_system
    • Published: May. 30, 2025
    • Modified: May. 30, 2025
Showing 20 of 192 Results
© cvefeed.io
Latest DB Update: May. 31, 2025 3:44