Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2025-39413

    Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through 3.5.14.... Read more

    Affected Products : simple_sitemap simple_sitemap
    • Published: Apr. 30, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2025-3215

    A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to sql inject... Read more

    Affected Products : restaurant_table_booking_system
    • Published: Apr. 04, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-3229

    A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /edit-subadmin.php. The manipulation of the argument fullname leads to sql injection. The at... Read more

    Affected Products : restaurant_table_booking_system
    • Published: Apr. 04, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3235

    A vulnerability was found in PHPGurukul Old Age Home Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/profile.php. The manipulation of the argument adminname/contactnumber leads to sql injection. I... Read more

    Affected Products : old_age_home_management_system
    • Published: Apr. 04, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3238

    A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection. It is possible to la... Read more

    Affected Products : online_fire_reporting_system
    • Published: Apr. 04, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-45841

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.... Read more

    Affected Products : nr1800x_firmware nr1800x
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-45842

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.... Read more

    Affected Products : nr1800x_firmware nr1800x
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-45843

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.... Read more

    Affected Products : nr1800x_firmware nr1800x
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-45844

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.... Read more

    Affected Products : nr1800x_firmware nr1800x
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-45845

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.... Read more

    Affected Products : nr1800x_firmware nr1800x
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-26845

    An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.... Read more

    Affected Products : znuny
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3239

    A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql inje... Read more

    Affected Products : online_fire_reporting_system
    • Published: Apr. 04, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2025-26847

    An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.... Read more

    Affected Products : znuny
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Information Disclosure

  • 6.3

    MEDIUM
    CVE-2025-30101

    Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service a... Read more

    Affected Products : powerscale_onefs powerscale_onefs
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-30102

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.... Read more

    Affected Products : powerscale_onefs powerscale_onefs
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-45787

    TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules.... Read more

    Affected Products : a3100r_firmware a3100r
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-45788

    TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules.... Read more

    Affected Products : a3100r_firmware a3100r
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-45789

    TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules.... Read more

    Affected Products : a3100r_firmware a3100r
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-45790

    TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so.... Read more

    Affected Products : a3100r_firmware a3100r
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-45797

    TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.... Read more

    Affected Products : a950rg_firmware a950rg
    • Published: May. 08, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292812 Results