Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-7930

    A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql ... Read more

    Affected Products : church_donation_system
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025

  • 7.5

    HIGH
    CVE-2025-7931

    A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upl... Read more

    Affected Products : church_donation_system
    • Published: Jul. 21, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-7950

    A vulnerability was found in code-projects Public Chat Room 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may b... Read more

    Affected Products : public_chat_room
    • Published: Jul. 22, 2025
    • Modified: Jul. 29, 2025

  • 5.3

    MEDIUM
    CVE-2022-46897

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The CapsuleIFWUSmm driver does not check the return value from a method or function. This can prevent it from detecting unexpected states and conditions.... Read more

    Affected Products : insydeh2o kernel
    • Published: Apr. 22, 2024
    • Modified: Jul. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-7951

    A vulnerability classified as problematic has been found in code-projects Public Chat Room 1.0. This affects an unknown part of the file /send_message.php. The manipulation of the argument chat_msg/your_name leads to cross site scripting. It is possible t... Read more

    Affected Products : public_chat_room
    • Published: Jul. 22, 2025
    • Modified: Jul. 29, 2025

  • 6.1

    MEDIUM
    CVE-2025-7946

    A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search-visitor.php of the component HTTP POST Request Handler. The manipulation of ... Read more

    • Published: Jul. 22, 2025
    • Modified: Jul. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-7791

    A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to cross site s... Read more

    • Published: Jul. 18, 2025
    • Modified: Jul. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-7802

    A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross sit... Read more

    Affected Products : complaint_management_system
    • Published: Jul. 18, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-7859

    A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/update_password_admin.php. The manipulation of the argument new_password leads to sql injection. The... Read more

    Affected Products : church_donation_system
    • Published: Jul. 20, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-7860

    A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/login_admin.php. The manipulation of the argument Username leads to sql injectio... Read more

    Affected Products : church_donation_system
    • Published: Jul. 20, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2025-7861

    A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to ... Read more

    Affected Products : church_donation_system
    • Published: Jul. 20, 2025
    • Modified: Jul. 29, 2025

  • 7.8

    HIGH
    CVE-2022-28339

    Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.... Read more

    Affected Products : windows housecall_for_home_networks
    • Published: Feb. 22, 2025
    • Modified: Jul. 29, 2025

  • 7.5

    HIGH
    CVE-2020-36848

    The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it... Read more

    Affected Products : total_upkeep
    • Published: Jul. 12, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2020-36847

    The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthe... Read more

    Affected Products : simple-file-list simple_file_list
    • Published: Jul. 12, 2025
    • Modified: Jul. 29, 2025

  • 9.8

    CRITICAL
    CVE-2024-2195

    A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/... Read more

    Affected Products : aim
    • Published: Apr. 10, 2024
    • Modified: Jul. 29, 2025

  • 8.8

    HIGH
    CVE-2024-2196

    aimhubio/aim is vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to perform actions such as deleting runs, updating data, and stealing data like log records and notes without the user's consent. The vulnerability stems from the lack of ... Read more

    Affected Products : aim
    • Published: Apr. 10, 2024
    • Modified: Jul. 29, 2025

  • 7.3

    HIGH
    CVE-2024-2206

    An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in req... Read more

    Affected Products : gradio
    • Published: Mar. 27, 2024
    • Modified: Jul. 29, 2025

  • 7.5

    HIGH
    CVE-2024-2217

    gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the `config.json` file. This vulnerability is present in both authenticated and unauthenticated versions of the application, enabling attackers to obtain ... Read more

    Affected Products : chuanhuchatgpt
    • Published: Apr. 10, 2024
    • Modified: Jul. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-7767

    A vulnerability, which was classified as problematic, has been found in PHPGurukul Art Gallery Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/edit-art-medium-detail.php. The manipulation of the argument artm... Read more

    Affected Products : art_gallery_management_system
    • Published: Jul. 18, 2025
    • Modified: Jul. 29, 2025

  • 5.4

    MEDIUM
    CVE-2025-7815

    A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /manage-newvisitors.php of the component HTTP POST Request Handler. The man... Read more

    • Published: Jul. 19, 2025
    • Modified: Jul. 29, 2025
Showing 20 of 291058 Results