Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-3681

    A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-3589

    A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manage_class.php. The manipulation of the argument ID leads to sql injection. It is possible to ... Read more

    Affected Products : music_class_enrollment_system
    • Published: Apr. 14, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2023-47004

    Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication.... Read more

    Affected Products : redisgraph
    • EPSS Score: %0.43
    • Published: Nov. 06, 2023
    • Modified: Apr. 29, 2025

  • 7.8

    HIGH
    CVE-2023-40117

    In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit... Read more

    Affected Products : android
    • EPSS Score: %0.00
    • Published: Oct. 27, 2023
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44807

    D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %0.42
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44806

    D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %1.60
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44804

    D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.... Read more

    Affected Products : dir-882_firmware dir-882
    • EPSS Score: %0.42
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44801

    D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.... Read more

    Affected Products : dir-878_firmware dir-878
    • EPSS Score: %1.15
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44202

    D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.... Read more

    Affected Products : dir-878_firmware dir-878
    • EPSS Score: %1.60
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44172

    Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.... Read more

    Affected Products : ac18_firmware ac18
    • EPSS Score: %0.15
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-44171

    Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.... Read more

    Affected Products : ac18_firmware ac18
    • EPSS Score: %0.15
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2022-44169

    Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer.... Read more

    Affected Products : ac15_firmware ac15
    • EPSS Score: %0.10
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 7.2

    HIGH
    CVE-2022-43179

    Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=.... Read more

    Affected Products : online_leave_management_system
    • EPSS Score: %0.09
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025

  • 9.6

    CRITICAL
    CVE-2022-43143

    A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container.... Read more

    Affected Products : beekeeper-studio
    • EPSS Score: %0.38
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 5.4

    MEDIUM
    CVE-2022-43117

    Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.... Read more

    Affected Products : password_storage_application
    • EPSS Score: %1.40
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2022-42891

    A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the a... Read more

    • EPSS Score: %0.16
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2022-42734

    A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the a... Read more

    • EPSS Score: %0.16
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025

  • 7.5

    HIGH
    CVE-2022-42733

    A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible... Read more

    • EPSS Score: %0.22
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025

  • 4.8

    MEDIUM
    CVE-2022-42096

    Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content.... Read more

    Affected Products : backdrop backdrop_cms
    • EPSS Score: %5.79
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 4.8

    MEDIUM
    CVE-2022-40470

    Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature.... Read more

    Affected Products : blood_donor_management_system
    • EPSS Score: %1.40
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025
Showing 20 of 291216 Results