Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-38491

    In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38351

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTU... Read more

    Affected Products : linux_kernel
    • Published: Jul. 19, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38325

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add free_transport ops i... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38322

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89a... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38221

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds max_end is not permitted and will result in a negative length in the truncate_inode_partial_folio()... Read more

    Affected Products : linux_kernel
    • Published: Jul. 04, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-37777

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __smb2_lease_break_noti() Move tcp_transport free to ksmbd_conn_free. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be ... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-29360

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29359

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29358

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-29357

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : rx3_firmware rx3 rx3_firmware rx3
    • Published: Mar. 13, 2025
    • Modified: Aug. 01, 2025

  • 6.1

    MEDIUM
    CVE-2025-48206

    The ns_backup extension through 13.0.0 for TYPO3 allows XSS.... Read more

    Affected Products : ns-backup ns-backup
    • Published: May. 21, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2023-31746

    There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user.... Read more

    • EPSS Score: %1.42
    • Published: Jun. 14, 2023
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2023-37847

    novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.... Read more

    Affected Products : novel-plus novel-plus novel-plus
    • EPSS Score: %0.30
    • Published: Aug. 14, 2023
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2024-1251

    A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /general/email/outbox/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been dis... Read more

    • EPSS Score: %0.05
    • Published: Feb. 06, 2024
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2023-7021

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possibl... Read more

    • EPSS Score: %0.06
    • Published: Dec. 21, 2023
    • Modified: Aug. 01, 2025

  • 8.1

    HIGH
    CVE-2024-10114

    The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being returned by the social login token. This makes it possible f... Read more

    • Published: Nov. 05, 2024
    • Modified: Aug. 01, 2025

  • 5.3

    MEDIUM
    CVE-2025-27221

    In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.... Read more

    Affected Products : uri
    • Published: Mar. 04, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2024-13316

    The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the apmswn_create_discount() function in all v... Read more

    Affected Products : scracth_\&_win scratch_\&_win
    • Published: Feb. 18, 2025
    • Modified: Aug. 01, 2025
    • Vuln Type: Authorization

  • 7.7

    HIGH
    CVE-2023-5520

    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.... Read more

    Affected Products : gpac
    • EPSS Score: %0.01
    • Published: Oct. 11, 2023
    • Modified: Aug. 01, 2025

  • 8.8

    HIGH
    CVE-2023-36390

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All ... Read more

    • EPSS Score: %0.47
    • Published: Jul. 11, 2023
    • Modified: Aug. 01, 2025
Showing 20 of 291275 Results