Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2022-43415

    Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.... Read more

    Affected Products : repo
    • EPSS Score: %0.26
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-43045

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.04
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-43044

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.03
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-43043

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/field_decode.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.03
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 7.8

    HIGH
    CVE-2022-43042

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.07
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 7.8

    HIGH
    CVE-2022-43040

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.05
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-43026

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-43025

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-43024

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 8.8

    HIGH
    CVE-2024-39841

    A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.... Read more

    Affected Products : centreon_web
    • Published: Aug. 23, 2024
    • Modified: May. 09, 2025

  • 9.1

    CRITICAL
    CVE-2024-33854

    A SQL Injection vulnerability exists in the Graph Template component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.... Read more

    Affected Products : centreon_web
    • Published: Aug. 23, 2024
    • Modified: May. 09, 2025

  • 9.1

    CRITICAL
    CVE-2024-33853

    A SQL Injection vulnerability exists in the Timeperiod component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.... Read more

    Affected Products : centreon_web
    • Published: Aug. 23, 2024
    • Modified: May. 09, 2025

  • 9.1

    CRITICAL
    CVE-2024-33852

    A SQL Injection vulnerability exists in the Downtime component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.... Read more

    Affected Products : centreon_web
    • Published: Aug. 23, 2024
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2024-32501

    A SQL Injection vulnerability exists in the updateServiceHost functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.... Read more

    Affected Products : centreon centreon_web
    • Published: Aug. 23, 2024
    • Modified: May. 09, 2025

  • 8.0

    HIGH
    CVE-2024-52739

    D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.... Read more

    Affected Products : di-8400_firmware di-8400
    • Published: Nov. 20, 2024
    • Modified: May. 09, 2025

  • 9.9

    CRITICAL
    CVE-2024-51478

    YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5.... Read more

    Affected Products : yeswiki
    • Published: Oct. 31, 2024
    • Modified: May. 09, 2025

  • 7.6

    HIGH
    CVE-2025-24017

    YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the sea... Read more

    Affected Products : yeswiki
    • Published: Jan. 21, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.1

    HIGH
    CVE-2025-24019

    YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host withou... Read more

    Affected Products : yeswiki
    • Published: Jan. 21, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Authorization

  • 8.6

    HIGH
    CVE-2025-31131

    YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2.... Read more

    Affected Products : yeswiki
    • Published: Apr. 01, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Path Traversal

  • 7.6

    HIGH
    CVE-2025-24018

    YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for an authenticated user with rights to edit/create a page or comment to trigger a stored XSS which will be reflected on any page where the resource is loaded.... Read more

    Affected Products : yeswiki
    • Published: Jan. 21, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291737 Results