Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2025-32822

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'DeleteProject' method. This could allow an authenticated remote attacker to byp... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-32475

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateProject' method. This could allow an authenticated remote attacker to byp... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31353

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateOpcSettings' method. This could allow an authenticated remote attacker to... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-30002

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote att... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-30003

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote atta... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-30030

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to by... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-30031

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypas... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-30032

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attack... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31343

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31349

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker t... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31350

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateBufferingSettings' method. This could allow an authenticated remote attac... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31351

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to byp... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-31352

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to by... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-27495

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to byp... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-27539

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This could allow an unauthenticated remote attacker to bypa... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-27540

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to by... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-29905

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 16, 2025
    • Modified: Aug. 19, 2025

  • 6.3

    MEDIUM
    CVE-2025-29931

    A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deseriali... Read more

    Affected Products : telecontrol_server_basic
    • Published: Apr. 17, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Denial of Service

  • 7.0

    HIGH
    CVE-2025-49762

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-49761

    Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292871 Results