Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-6490

    During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress pl... Read more

    Affected Products : master_slider
    • Published: Jul. 26, 2024
    • Modified: May. 27, 2025

  • 8.0

    HIGH
    CVE-2023-51147

    Buffer Overflow vulnerability in TRENDnet Trendnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the adm_mod_pwd action.... Read more

    Affected Products : tew-821dap_firmware tew-821dap
    • Published: Mar. 26, 2024
    • Modified: May. 27, 2025

  • 6.3

    MEDIUM
    CVE-2025-44867

    Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.... Read more

    Affected Products : w20e_firmware w20e
    • Published: May. 01, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Injection

  • 8.0

    HIGH
    CVE-2023-51148

    An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component.... Read more

    Affected Products : tew-821dap_firmware tew-821dap
    • Published: Mar. 26, 2024
    • Modified: May. 27, 2025

  • 9.0

    HIGH
    CVE-2025-4896

    A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack ... Read more

    Affected Products : ac10_firmware ac10
    • Published: May. 18, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-4897

    A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is... Read more

    Affected Products : a15_firmware a15
    • Published: May. 18, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-4903

    A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of the file /H5/webgl.asp?tggl_port=0&remote_management=0&http_passwd=game&exec_service=admin-restart. The manipula... Read more

    Affected Products : di-7003g_firmware di-7003g
    • Published: May. 19, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Authentication

  • 6.9

    MEDIUM
    CVE-2025-4904

    A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. This vulnerability affects the function sub_41F0FC of the file /H5/webgl.data. The manipulation leads to information disclosure. The attack can be initi... Read more

    Affected Products : di-7003g_firmware di-7003g
    • Published: May. 19, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Information Disclosure

  • 7.4

    HIGH
    CVE-2020-14593

    Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated a... Read more

    • Published: Jul. 15, 2020
    • Modified: May. 27, 2025

  • 8.3

    HIGH
    CVE-2020-14583

    Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthen... Read more

    • Published: Jul. 15, 2020
    • Modified: May. 27, 2025

  • 7.8

    HIGH
    CVE-2023-40491

    Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : cinema_4d cinema_4d
    • Published: May. 03, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-37644

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.... Read more

    Affected Products : tew-814dap_firmware tew-814dap
    • Published: Jun. 14, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-37641

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule... Read more

    Affected Products : tew-814dap_firmware tew-814dap
    • Published: Jun. 14, 2024
    • Modified: May. 27, 2025

  • 9.1

    CRITICAL
    CVE-2024-37642

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck .... Read more

    Affected Products : tew-814dap_firmware tew-814dap
    • Published: Jun. 14, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-37643

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth .... Read more

    Affected Products : tew-814dap_firmware tew-814dap
    • Published: Jun. 14, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-37645

    TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog .... Read more

    Affected Products : tew-814dap_firmware tew-814dap
    • Published: Jun. 14, 2024
    • Modified: May. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-38902

    H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.... Read more

    Affected Products : magic_r230_firmware magic_r230
    • Published: Jun. 24, 2024
    • Modified: May. 27, 2025

  • 8.8

    HIGH
    CVE-2024-31374

    Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. ... Read more

    Affected Products : apppresser
    • Published: Apr. 15, 2024
    • Modified: May. 27, 2025

  • 4.1

    MEDIUM
    CVE-2024-38903

    H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands.... Read more

    Affected Products : magic_r230_firmware magic_r230
    • Published: Jun. 24, 2024
    • Modified: May. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-42637

    H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.... Read more

    Affected Products : r3010_firmware r3010
    • Published: Aug. 16, 2024
    • Modified: May. 27, 2025
Showing 20 of 293259 Results