Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-3163

    A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the ... Read more

    Affected Products : lmdeploy
    • Published: Apr. 03, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-43013

    In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible... Read more

    Affected Products : toolbox
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-42921

    In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin... Read more

    Affected Products : toolbox
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-3164

    A vulnerability was found in Tencent Music Entertainment SuperSonic up to 0.9.8. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/semantic/database/testConnect of the component H2 Database Connection Han... Read more

    Affected Products : supersonic
    • Published: Apr. 03, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2022-46792

    Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions before 2.10.0 are unaffected.)... Read more

    Affected Products : graphql_engine
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 4.3

    MEDIUM
    CVE-2022-46685

    In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.... Read more

    Affected Products : gitea
    • Published: Dec. 12, 2022
    • Modified: Apr. 23, 2025

  • 6.5

    MEDIUM
    CVE-2022-45667

    Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 23, 2025

  • 8.8

    HIGH
    CVE-2022-45548

    AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.... Read more

    Affected Products : ayacms
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45525

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the downaction parameter at /goform/CertListInfo.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45524

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the opttype parameter at /goform/IPSECsave.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45523

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/L7Im.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45522

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeClientFilter.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45521

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeUrlFilter.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45520

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/qossetting.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45519

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the Go parameter at /goform/SafeMacFilter.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45518

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SetIpBind.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45517

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/VirtualSer.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45516

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/NatStaticSetting.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45515

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the entries parameter at /goform/addressNat.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025

  • 7.5

    HIGH
    CVE-2022-45514

    Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/webExcptypemanFilter.... Read more

    Affected Products : w30e_firmware w30e
    • Published: Dec. 08, 2022
    • Modified: Apr. 23, 2025
Showing 20 of 293612 Results