Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-64430

    Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions 4.2.0 through 7.5.3, and 8.0.0 through 8.3.1-alpha.1, there is a Server-Side Request Forgery (SSRF) vulnerability in the file upload functi... Read more

    Affected Products : parse-server
    • Published: Nov. 07, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Server-Side Request Forgery

  • 7.5

    HIGH
    CVE-2025-65002

    Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters.... Read more

    Affected Products :
    • Published: Nov. 12, 2025
    • Modified: Nov. 14, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2025-11735

    The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to blind SQL Injection via the `phrase` parameter in all versions up to, and including, 1.3.7.1 due to insufficient escaping on the user supplied parameter and lac... Read more

    • Published: Oct. 28, 2025
    • Modified: Oct. 30, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-60561

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60559

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetDomainFilter.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60552

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formTcpipSetup.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-13170

    A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing manipulation of the argument admin_id results in sql injection. The attack... Read more

    • Published: Nov. 14, 2025
    • Modified: Nov. 14, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-60551

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page parameter in the function formDeviceReboot.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60549

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60571

    D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60569

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetRoute.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60556

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizard1.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60550

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60572

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60568

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvFirewall.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-60570

    D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLogDnsquery.... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: Oct. 24, 2025
    • Modified: Oct. 28, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-13247

    A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the ... Read more

    Affected Products :
    • Published: Nov. 16, 2025
    • Modified: Nov. 16, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-63248

    DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questionnaire can enable the deletion of other questionnaires.... Read more

    Affected Products :
    • Published: Nov. 05, 2025
    • Modified: Nov. 06, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-63149

    Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Nov. 10, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-63154

    TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.... Read more

    Affected Products :
    • Published: Nov. 10, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Denial of Service
Showing 20 of 3710 Results