Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-50000

    Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-50002

    Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-40301

    NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.... Read more

    Affected Products : ngeniuspulse
    • Published: Dec. 07, 2023
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-32499

    Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.... Read more

    Affected Products : project_center_server
    • Published: Apr. 28, 2025
    • Modified: May. 10, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2023-49405

    Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4031

    A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The atta... Read more

    Affected Products : pre-school_enrollment_system
    • Published: Apr. 28, 2025
    • Modified: May. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-45947

    An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component... Read more

    Affected Products : online_banquet_booking_system
    • Published: Apr. 28, 2025
    • Modified: Apr. 30, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-4034

    A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection.... Read more

    • Published: Apr. 28, 2025
    • Modified: May. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2023-6579

    A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument es... Read more

    Affected Products : oscommerce
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-43742

    An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to obtain an administrative session via a protection mechani... Read more

    • Published: Dec. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4039

    A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injec... Read more

    Affected Products : rail_pass_management_system
    • Published: Apr. 28, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2023-49007

    In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd.... Read more

    Affected Products : rbr750_firmware rbr750
    • Published: Dec. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-6619

    A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /modals/class_form.php. The manipulation of the argument id leads to sql inje... Read more

    Affected Products : simple_student_attendance_system
    • Published: Dec. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-48425

    U-Boot vulnerability resulting in persistent Code Execution ... Read more

    Affected Products : android chromecast_firmware chromecast
    • Published: Dec. 11, 2023
    • Modified: May. 27, 2025

  • 9.8

    CRITICAL
    CVE-2025-8921

    A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument job_title leads to sql injection. The attack may be launched remotely. The ex... Read more

    Affected Products : job_diary
    • Published: Aug. 13, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2023-35175

    Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.... Read more

    • Published: Jun. 30, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-4849

    A vulnerability, which was classified as critical, has been found in IBOS OA 4.5.5. Affected by this issue is some unknown functionality of the file ?r=file/dashboard/trash&op=del. The manipulation of the argument fids leads to sql injection. The attack m... Read more

    Affected Products : ibos
    • Published: Sep. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-4852

    A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/database/optimize. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has be... Read more

    Affected Products : ibos
    • Published: Sep. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2006-5678

    PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP ... Read more

    Affected Products : phpmyconferences les_visiteurs
    • Published: Nov. 03, 2006
    • Modified: Apr. 09, 2025

  • 9.8

    CRITICAL
    CVE-2023-30912

    A remote code execution issue exists in HPE OneView. ... Read more

    Affected Products : oneview oneview
    • Published: Oct. 25, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 294287 Results