Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-25067

    mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands.... Read more

    Affected Products : mypro
    • Published: Feb. 13, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-29180

    In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.... Read more

    Affected Products : foxcms
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-33606

    An attacker could retrieve sensitive files (medical images) as well as plant new medical images or overwrite existing medical images on a MicroDicom DICOM Viewer system. User interaction is required to exploit this vulnerability.... Read more

    Affected Products : dicom_viewer
    • Published: Jun. 11, 2024
    • Modified: Apr. 23, 2025

  • 6.5

    MEDIUM
    CVE-2024-41355

    phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/tools/request-ip/index.php.... Read more

    Affected Products : phpipam
    • Published: Jul. 26, 2024
    • Modified: Apr. 23, 2025

  • 4.7

    MEDIUM
    CVE-2024-41356

    phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\firewall-zones\zones-edit-network.php.... Read more

    Affected Products : phpipam
    • Published: Jul. 26, 2024
    • Modified: Apr. 23, 2025

  • 7.1

    HIGH
    CVE-2024-41357

    phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/admin/powerDNS/record-edit.php.... Read more

    Affected Products : phpipam
    • Published: Jul. 26, 2024
    • Modified: Apr. 23, 2025

  • 7.1

    HIGH
    CVE-2024-41353

    phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\groups\edit-group.php... Read more

    Affected Products : phpipam
    • Published: Jul. 26, 2024
    • Modified: Apr. 23, 2025

  • 7.1

    HIGH
    CVE-2024-41354

    phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/admin/widgets/edit.php... Read more

    Affected Products : phpipam
    • Published: Jul. 26, 2024
    • Modified: Apr. 23, 2025

  • 5.4

    MEDIUM
    CVE-2024-55093

    phpIPAM through 1.7.3 has a reflected Cross-Site Scripting (XSS) vulnerability in the install scripts.... Read more

    Affected Products : phpipam
    • Published: Mar. 31, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.2

    HIGH
    CVE-2025-29181

    FOXCMS <= V1.25 is vulnerable to SQL Injection via $param['title'] in /admin/util/Field.php.... Read more

    Affected Products : foxcms
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-29661

    Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run.... Read more

    Affected Products : litepubl_cms
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-32415

    In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a craft... Read more

    Affected Products : libxml2
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Memory Corruption

  • 6.1

    MEDIUM
    CVE-2022-45917

    ILIAS before 7.16 has an Open Redirect.... Read more

    Affected Products : ilias
    • Published: Dec. 07, 2022
    • Modified: Apr. 23, 2025

  • 5.4

    MEDIUM
    CVE-2022-45916

    ILIAS before 7.16 allows XSS.... Read more

    Affected Products : ilias
    • Published: Dec. 07, 2022
    • Modified: Apr. 23, 2025

  • 8.8

    HIGH
    CVE-2022-45915

    ILIAS before 7.16 allows OS Command Injection.... Read more

    Affected Products : ilias
    • Published: Dec. 07, 2022
    • Modified: Apr. 23, 2025

  • 9.8

    CRITICAL
    CVE-2022-45550

    AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).... Read more

    Affected Products : ayacms
    • Published: Dec. 07, 2022
    • Modified: Apr. 23, 2025

  • 8.8

    HIGH
    CVE-2022-38144

    Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.... Read more

    Affected Products : wpforo_forum
    • Published: Sep. 09, 2022
    • Modified: Apr. 23, 2025

  • 9.8

    CRITICAL
    CVE-2022-32207

    When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the... Read more

    • Published: Jul. 07, 2022
    • Modified: Apr. 23, 2025

  • 7.8

    HIGH
    CVE-2022-2962

    A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn't check whether the destination address is its own MMIO address. This can cause the device to tr... Read more

    Affected Products : qemu
    • Published: Sep. 13, 2022
    • Modified: Apr. 23, 2025

  • 5.5

    MEDIUM
    CVE-2022-2380

    The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 13, 2022
    • Modified: Apr. 23, 2025
Showing 20 of 293588 Results