Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-40114

    In the Linux kernel, the following vulnerability has been resolved: iio: light: Add check for array bounds in veml6075_read_int_time_ms The array contains only 5 elements, but the index calculated by veml6075_read_int_time_index can range from 0 to 7, w... Read more

    Affected Products : linux_kernel
    • Published: Apr. 18, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-22925

    OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the table parameter at /attendance/AttendanceCodes.php. The remote, authenticated attacker requires the admin role to successfully exploit this vulnerability.... Read more

    Affected Products : opensis
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-29062

    An issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_cfg of the goahead webservice.... Read more

    Affected Products : bl-ac2100_firmware bl-ac2100
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-29063

    An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.... Read more

    Affected Products : bl-ac2100_firmware bl-ac2100
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-31477

    The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the syste... Read more

    Affected Products : plugin-shell
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2020-29385

    GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will as... Read more

    Affected Products : ubuntu_linux fedora gdk-pixbuf
    • EPSS Score: %0.81
    • Published: Dec. 26, 2020
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-30151

    A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version 3.1.10, allows remote attackers to execute arbitrary SQL commands via the `key` GET parameter.... Read more

    Affected Products : prestashop envoimoinscher
    • EPSS Score: %0.98
    • Published: Jul. 13, 2023
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2023-31672

    In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability.... Read more

    Affected Products : prestashop ailinear
    • EPSS Score: %0.22
    • Published: Jun. 15, 2023
    • Modified: Apr. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-3130

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1.... Read more

    Affected Products : drupal obfuscate
    • Published: Apr. 02, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2022-44654

    Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component's memory protectio... Read more

    Affected Products : apex_one
    • EPSS Score: %0.22
    • Published: Dec. 12, 2022
    • Modified: Apr. 29, 2025

  • 7.8

    HIGH
    CVE-2022-44650

    A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain t... Read more

    Affected Products : windows apex_one
    • EPSS Score: %0.06
    • Published: Dec. 12, 2022
    • Modified: Apr. 29, 2025

  • 7.8

    HIGH
    CVE-2022-44649

    An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obta... Read more

    Affected Products : windows apex_one
    • EPSS Score: %0.06
    • Published: Dec. 12, 2022
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-44648

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privil... Read more

    Affected Products : windows apex_one
    • EPSS Score: %0.06
    • Published: Dec. 12, 2022
    • Modified: Apr. 29, 2025

  • 7.8

    HIGH
    CVE-2022-43751

    McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged us... Read more

    Affected Products : total_protection
    • EPSS Score: %0.09
    • Published: Nov. 23, 2022
    • Modified: Apr. 29, 2025

  • 8.8

    HIGH
    CVE-2022-43685

    CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account including superuser accounts.... Read more

    Affected Products : ckan
    • EPSS Score: %0.27
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-43215

    Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the endDate parameter at getOrderReport.php.... Read more

    Affected Products : billing_system
    • EPSS Score: %0.08
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-43214

    Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at printOrder.php.... Read more

    Affected Products : billing_system
    • EPSS Score: %0.08
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-43212

    Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at fetchOrderData.php.... Read more

    Affected Products : billing_system_project
    • EPSS Score: %0.08
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 9.0

    CRITICAL
    CVE-2022-42989

    ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Caixa de Entrada.... Read more

    Affected Products : sankhya_om
    • EPSS Score: %0.14
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025

  • 8.8

    HIGH
    CVE-2022-42098

    KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.... Read more

    Affected Products : klik-socialmediawebsite
    • EPSS Score: %0.66
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025
Showing 20 of 291672 Results