Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2025-3489

    A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site sc... Read more

    Affected Products : simple-user-management-system
    • Published: Apr. 10, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-3387

    A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. T... Read more

    Affected Products : renren-security
    • Published: Apr. 07, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-3386

    A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin#links of the component Friendship Link Handler. The manipulation leads to cross site scripting. ... Read more

    Affected Products : pb-cms
    • Published: Apr. 07, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-3385

    A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Classification Management Page. The manipulation of the argument Classification name lead... Read more

    Affected Products : pb-cms
    • Published: Apr. 07, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2025-3763

    A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to... Read more

    Affected Products : phone_management_system
    • Published: Apr. 17, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 5.4

    MEDIUM
    CVE-2025-3692

    A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product. The manipulation leads to cross site ... Read more

    Affected Products : online_eyewear_shop
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-3683

    A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component SIZE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The expl... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-3682

    A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component PASV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exp... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-3681

    A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-3589

    A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manage_class.php. The manipulation of the argument ID leads to sql injection. It is possible to ... Read more

    Affected Products : music_class_enrollment_system
    • Published: Apr. 14, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2023-47004

    Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication.... Read more

    Affected Products : redisgraph
    • EPSS Score: %0.43
    • Published: Nov. 06, 2023
    • Modified: Apr. 29, 2025

  • 7.8

    HIGH
    CVE-2023-40117

    In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit... Read more

    Affected Products : android
    • EPSS Score: %0.00
    • Published: Oct. 27, 2023
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44807

    D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %0.42
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44806

    D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %1.60
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44804

    D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %0.42
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44801

    D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.... Read more

    Affected Products : dir-878_firmware dir-878
    • EPSS Score: %1.15
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44202

    D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.... Read more

    Affected Products : dir-878_firmware dir-878
    • EPSS Score: %1.60
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44172

    Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.... Read more

    Affected Products : ac18_firmware ac18
    • EPSS Score: %0.15
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44171

    Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.... Read more

    Affected Products : ac18_firmware ac18
    • EPSS Score: %0.15
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2022-44169

    Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer.... Read more

    Affected Products : ac15_firmware ac15
    • EPSS Score: %0.10
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025
Showing 20 of 291205 Results