Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2025-32050

    A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.... Read more

    • Published: Apr. 03, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-47287

    Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to gene... Read more

    Affected Products : tornado
    • Published: May. 15, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2021-28423

    Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'search... Read more

    • EPSS Score: %2.50
    • Published: Jul. 01, 2021
    • Modified: May. 28, 2025

  • 5.3

    MEDIUM
    CVE-2023-29857

    An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link.... Read more

    Affected Products : teslamate teslamate
    • EPSS Score: %0.08
    • Published: May. 18, 2023
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-23126

    TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access... Read more

    Affected Products : teslamate teslamate
    • EPSS Score: %0.58
    • Published: Jan. 24, 2022
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-44581

    Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2.... Read more

    • Published: May. 17, 2024
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-37444

    Missing Authorization vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.7.1.... Read more

    • Published: Nov. 01, 2024
    • Modified: May. 28, 2025

  • 5.3

    MEDIUM
    CVE-2024-25595

    Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1.... Read more

    • Published: May. 17, 2024
    • Modified: May. 28, 2025

  • 5.4

    MEDIUM
    CVE-2025-47851

    In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible... Read more

    Affected Products : teamcity
    • Published: May. 20, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-47852

    In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible... Read more

    Affected Products : teamcity
    • Published: May. 20, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-47853

    In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible... Read more

    Affected Products : teamcity
    • Published: May. 20, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-47854

    In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page... Read more

    Affected Products : teamcity
    • Published: May. 20, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-3243

    A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dental_form.php. The manipulation of the argument itr_no/dental_no leads to sql injection. ... Read more

    • Published: Apr. 04, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-3304

    A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /dental_not.php. The manipulation of the argument itr_no leads to sql injection. It is possible to... Read more

    • Published: Apr. 05, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-3347

    A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /dental_pending.php. The manipulation of the argument ID leads to sql injection. It is possible to initia... Read more

    • Published: Apr. 07, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-3348

    A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /edit_dpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be i... Read more

    • Published: Apr. 07, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-3685

    A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /edit_fpatient.php. The manipulation of the argument ID leads to sql injection. It is possible to laun... Read more

    • Published: Apr. 16, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-4214

    A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads t... Read more

    • Published: May. 02, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3258

    A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. This vulnerability affects unknown code of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initi... Read more

    Affected Products : old_age_home_management_system
    • Published: Apr. 04, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3311

    A vulnerability classified as critical was found in PHPGurukul Men Salon Management System 1.0. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be i... Read more

    Affected Products : men_salon_management_system
    • Published: Apr. 06, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection
Showing 20 of 291722 Results