Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-29913

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer o... Read more

    Affected Products : cryptolib
    • Published: Mar. 17, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2023-37628

    Online Piggery Management System 1.0 is vulnerable to SQL Injection.... Read more

    • Published: Jul. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-37702

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.... Read more

    Affected Products : fh1203_firmware fh1203
    • Published: Jul. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-32958

    Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is a zip of the current directory, which includes the auto... Read more

    Affected Products :
    • Published: Apr. 21, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2022-25578

    taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file.... Read more

    Affected Products : taocms
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-32002

    Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier when 'Remote Link3 function' is enabled. If exploited, a remote una... Read more

    Affected Products :
    • Published: May. 15, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-0477

    A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/action/update-deworm.php. The manipulation of the argument usage_deworm leads to sq... Read more

    Affected Products : fighting_cock_information_system
    • Published: Jan. 13, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-25658

    Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,... Read more

    • Published: Sep. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10968

    A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /contact_process.php. The manipulation of the argument fnm leads to sql in... Read more

    Affected Products : bookstore_management_system
    • Published: Nov. 07, 2024
    • Modified: Dec. 10, 2024

  • 9.8

    CRITICAL
    CVE-2024-47943

    The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long... Read more

    Affected Products :
    • Published: Oct. 15, 2024
    • Modified: Mar. 17, 2025

  • 9.8

    CRITICAL
    CVE-2025-0851

    A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.... Read more

    Affected Products :
    • Published: Jan. 29, 2025
    • Modified: Jan. 29, 2025
    • Vuln Type: Path Traversal

  • 9.8

    CRITICAL
    CVE-2025-3377

    A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component ENC Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The explo... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Apr. 07, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2024-1114

    A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access control... Read more

    Affected Products : openbi
    • Published: Jan. 31, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4176

    A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as critical. This vulnerability affects unknown code of the file /admin/request-received-bydonar.php. The manipulation of the argument searchdata leads to... Read more

    • Published: May. 01, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2021-42139

    Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations.... Read more

    Affected Products : deno_standard_modules
    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-33493

    An Unrestricted Upload of File with Dangerous Type vulnerability in the Ajaxmanager File and Database explorer (ajaxmanager) module for PrestaShop through 2.3.0, allows remote attackers to upload dangerous files without restrictions.... Read more

    Affected Products : ajaxmanager
    • Published: Aug. 01, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-33626

    D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.... Read more

    Affected Products : dir-600_firmware dir-600
    • Published: Jun. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4467

    A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesig... Read more

    Affected Products : online_student_clearance_system
    • Published: May. 09, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2022-2643

    A vulnerability has been found in SourceCodester Online Admission System and classified as critical. This vulnerability affects unknown code of the component POST Parameter Handler. The manipulation of the argument shift leads to sql injection. The attack... Read more

    Affected Products : online_admission_system
    • Published: Aug. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4506

    A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1_price leads to sql injecti... Read more

    Affected Products : online_food_ordering_system
    • Published: May. 10, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Injection
Showing 20 of 294296 Results