Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-3824

    The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack... Read more

    Affected Products : base64_encoderdecoder
    • Published: May. 15, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-35723

    D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not require... Read more

    Affected Products : dir-x3260_firmware dir-x3260
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-41230

    D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentic... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-41229

    D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentica... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41228

    D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication ... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41227

    D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenti... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41226

    D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentic... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41225

    D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticat... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41224

    D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41223

    D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenti... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41221

    D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticat... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41220

    D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authenticati... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41219

    D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41218

    D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication i... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 7.1

    HIGH
    CVE-2023-41217

    D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Aut... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41216

    D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentica... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 6.8

    MEDIUM
    CVE-2023-41222

    D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication i... Read more

    Affected Products : dir-3040_firmware dir-3040
    • Published: May. 03, 2024
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2023-5677

    Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with... Read more

    • EPSS Score: %0.12
    • Published: Feb. 05, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2024-46076

    RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code.... Read more

    Affected Products : ruoyi
    • Published: Oct. 07, 2024
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2025-4467

    A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesig... Read more

    Affected Products : online_student_clearance_system
    • Published: May. 09, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Injection
Showing 20 of 291779 Results