Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2023-41229

    D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentica... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41228

    D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication ... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41227

    D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenti... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41226

    D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentic... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41225

    D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticat... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41224

    D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41223

    D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenti... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41221

    D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticat... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41220

    D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticati... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41219

    D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41218

    D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication i... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 7.1

    HIGH
    CVE-2023-41217

    D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Aut... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41216

    D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentica... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41222

    D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication i... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-5677

    Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with... Read more

    • EPSS Score: %0.12
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2024-46076

    RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code.... Read more

    Affected Products : ruoyi
    • Published: Oct. 07, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2025-4467

    A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesig... Read more

    Affected Products : online_student_clearance_system
    • Published: May. 09, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-4358

    A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument adminname/mobilenumber leads to sql injection. It i... Read more

    Affected Products : company_visitor_management_system
    • Published: May. 06, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-10969

    A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login_process.php of the component Login. The manipulation of the argument u... Read more

    Affected Products : bookstore_management_system
    • Published: Nov. 07, 2024
    • Modified: May. 15, 2025

  • 5.9

    MEDIUM
    CVE-2024-8447

    A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or han... Read more

    Affected Products : undertow
    • Published: Jan. 02, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291756 Results