Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-1894

    A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injec... Read more

    Affected Products : restaurant_table_booking_system
    • Published: Mar. 04, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-12044

    A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The vulnerability is due to the use of the `pickle.loads()` function in the `all_reduce_dict()` distributed training API without proper sanitization. This allows an att... Read more

    Affected Products :
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2641

    A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-artist-detail.php?editid=1. The manipulation of the argument Na... Read more

    Affected Products : art_gallery_management_system
    • Published: Mar. 23, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2646

    A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber le... Read more

    Affected Products : art_gallery_management_system
    • Published: Mar. 23, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2658

    A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-request.php. The manipulation of the argument searchdata lea... Read more

    • Published: Mar. 23, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2659

    A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument e leads to sql injection. It is possible to initi... Read more

    Affected Products : online_time_table_generator
    • Published: Mar. 23, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2682

    A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /edit-subadmin.php?said=3. The manipulation of the argument mobilenumber leads to sql injection. It is possible... Read more

    • Published: Mar. 24, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2735

    A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-services.php. The manipulation of the argument sertitle leads to ... Read more

    Affected Products : old_age_home_management_system
    • Published: Mar. 25, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2739

    A vulnerability was found in PHPGurukul Old Age Home Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-services.php. The manipulation of the argument sertitle leads to sql injection.... Read more

    Affected Products : old_age_home_management_system
    • Published: Mar. 25, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-48818

    An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to execute arbitrary code.... Read more

    Affected Products :
    • Published: Mar. 25, 2025
    • Modified: Mar. 27, 2025

  • 9.8

    CRITICAL
    CVE-2025-28916

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Docpro allows PHP Local File Inclusion. This issue affects Docpro: from n/a through 2.0.1.... Read more

    Affected Products :
    • Published: Mar. 26, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-26004

    Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns.... Read more

    Affected Products : tlr-2005ksh_firmware tlr-2005ksh
    • Published: Mar. 26, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-2737

    A vulnerability was found in PHPGurukul Old Age Home Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. It is possibl... Read more

    Affected Products : old_age_home_management_system
    • Published: Mar. 25, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-29306

    An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.... Read more

    Affected Products : foxcms
    • Published: Mar. 27, 2025
    • Modified: Jun. 09, 2025

  • 9.8

    CRITICAL
    CVE-2024-49601

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, lead... Read more

    Affected Products : unity_operating_environment
    • Published: Mar. 28, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-30372

    Emlog is an open source website building system. Emlog Pro versions pro-2.5.7 and pro-2.5.8 contain an SQL injection vulnerability. `search_controller.php` does not use addslashes after urldecode, allowing the preceeding addslashes to be bypassed by URL d... Read more

    Affected Products : emlog
    • Published: Mar. 28, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-24292

    A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function in the aim.js component.... Read more

    Affected Products : software_development_kit
    • Published: Mar. 28, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-25579

    TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.... Read more

    Affected Products : a3002r_firmware a3002r
    • Published: Mar. 28, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-13804

    Unauthenticated RCE in HPE Insight Cluster Management Utility... Read more

    Affected Products :
    • Published: Mar. 30, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-26683

    Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.... Read more

    Affected Products : azure_playwright
    • Published: Mar. 31, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Authorization
Showing 20 of 293331 Results