Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-3316

    A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. ... Read more

    Affected Products : men_salon_management_system
    • Published: Apr. 06, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3313

    A vulnerability, which was classified as critical, was found in PHPGurukul Men Salon Management System 1.0. Affected is an unknown function of the file /admin/add-customer.php. The manipulation of the argument Name leads to sql injection. It is possible t... Read more

    Affected Products : men_salon_management_system
    • Published: Apr. 06, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-3312

    A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the file /admin/add-customer-services.php. The manipulation of the argument sids[] leads to sql ... Read more

    Affected Products : men_salon_management_system
    • Published: Apr. 06, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57235

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57234

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57233

    NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57232

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57231

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57230

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-57229

    NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.... Read more

    Affected Products : rax50_firmware rax50
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2025-3392

    A vulnerability was found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the ar... Read more

    Affected Products : oa_system
    • Published: Apr. 08, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-45322

    kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.... Read more

    Affected Products : online_service_management_portal
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-45321

    kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword.... Read more

    Affected Products : online_service_management_portal
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-45320

    A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0.... Read more

    Affected Products : online_service_management_portal
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-2034

    A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php?cid=1. The manipulation of the argument classname/capaci... Read more

    Affected Products : pre-school_enrollment_system
    • Published: Mar. 06, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-45042

    Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.... Read more

    Affected Products : ac9_firmware ac9
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 6.9

    MEDIUM
    CVE-2025-4271

    A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog ... Read more

    Affected Products : a720r_firmware a720r
    • Published: May. 05, 2025
    • Modified: May. 07, 2025

  • 7.5

    HIGH
    CVE-2025-4270

    A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getI... Read more

    Affected Products : a720r_firmware a720r
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Information Disclosure

  • 6.9

    MEDIUM
    CVE-2025-4269

    A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDia... Read more

    Affected Products : a720r_firmware a720r
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authorization

  • 6.9

    MEDIUM
    CVE-2025-4268

    A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authe... Read more

    Affected Products : a720r_firmware a720r
    • Published: May. 05, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Authentication
Showing 20 of 291641 Results