Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2025-28037

    TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.

    • Published: Apr. 22, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection
  • 9.8

    CRITICAL
    CVE-2025-28038

    TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter.

    Affected Products : ex1200t_firmware ex1200t
    • Published: Apr. 22, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Misconfiguration
  • 9.8

    CRITICAL
    CVE-2025-28039

    TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.

    Affected Products : ex1200t_firmware ex1200t
    • Published: Apr. 22, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection
  • 4.3

    MEDIUM
    CVE-2022-45210

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.

    Affected Products : jeecg_boot
    • EPSS Score: 0.06%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 4.3

    MEDIUM
    CVE-2022-45208

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.

    Affected Products : jeecg_boot
    • EPSS Score: 0.06%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-45207

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.

    Affected Products : jeecg_boot
    • EPSS Score: 0.39%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-45206

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.

    Affected Products : jeecg_boot
    • EPSS Score: 0.08%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 5.3

    MEDIUM
    CVE-2022-45205

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.

    Affected Products : jeecg_boot
    • EPSS Score: 0.22%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 8.8

    HIGH
    CVE-2022-45193

    CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.

    Affected Products : cbrn-analysis
    • EPSS Score: 0.03%
    • Published: Nov. 12, 2022
    • Modified: Apr. 29, 2025
  • 9.1

    CRITICAL
    CVE-2022-45152

    A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a bl...

    • EPSS Score: 0.38%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44860

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: 0.07%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44859

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: 0.07%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44858

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: 0.07%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44844

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.

    Affected Products : a7100ru_firmware a7100ru
    • EPSS Score: 1.39%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44843

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.

    Affected Products : a7100ru_firmware a7100ru
    • EPSS Score: 1.39%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.8

    HIGH
    CVE-2022-44725

    OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).

    • EPSS Score: 0.05%
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 7.5

    HIGH
    CVE-2022-44411

    Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack.

    Affected Products : web_based_quiz_system
    • EPSS Score: 0.06%
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44403

    Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=.

    Affected Products : automotive_shop_management_system
    • EPSS Score: 0.07%
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44402

    Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction.

    Affected Products : automotive_shop_management_system
    • EPSS Score: 0.07%
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 8.8

    HIGH
    CVE-2022-44384

    An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.

    Affected Products : rconfig
    • EPSS Score: 0.06%
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
Showing 20 of 291401 Results