Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-36104

    IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol.... Read more

    • Published: Jul. 12, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-3631

    An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.... Read more

    Affected Products : mq mq_appliance
    • Published: Jul. 11, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-36090

    IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain information about the application framework which could be used in reconnaissance to gather information for future attacks from a detailed technical error message.... Read more

    Affected Products : analytics_content_hub
    • Published: Jul. 10, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2024-39752

    IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, an... Read more

    Affected Products : analytics_content_hub
    • Published: Jul. 10, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2024-38327

    IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API.... Read more

    Affected Products : analytics_content_hub
    • Published: Jul. 10, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2024-37524

    IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.... Read more

    Affected Products : analytics_content_hub
    • Published: Jul. 10, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-47988

    Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.... Read more

    Affected Products : azure_monitor_agent
    • Published: Jul. 08, 2025
    • Modified: Jul. 23, 2025

  • 8.0

    HIGH
    CVE-2025-47178

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-54309

    CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.... Read more

    Affected Products : crushftp
    • Actively Exploited
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-20257

    A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate al... Read more

    Affected Products : secure_network_analytics
    • Published: May. 21, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-7838

    A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage_seat.php. The manipulation of the argument ID leads to sql injection... Read more

    • Published: Jul. 19, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-7837

    A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the component MQTT Service. The manipulation of the argument dest leads to buffer overflow. The attack ma... Read more

    Affected Products : t6_firmware t6
    • Published: Jul. 19, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7790

    A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto lead... Read more

    Affected Products : di-8100_firmware di-8100
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7807

    A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. T... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7806

    A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The ... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7805

    A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7796

    A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible ... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7795

    A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflo... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7794

    A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. ... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-7793

    A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible t... Read more

    Affected Products : fh451_firmware fh451
    • Published: Jul. 18, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292495 Results