Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-7171

    A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php. The manipulation of the argument email leads to sql injection... Read more

    Affected Products : crime_reporting_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 7.3

    HIGH
    CVE-2025-6744

    The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shor... Read more

    Affected Products : woodmart
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025

  • 9.8

    CRITICAL
    CVE-2025-7172

    A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate th... Read more

    Affected Products : crime_reporting_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2025-7182

    A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/modules/subject/edit.php. The manipulation of the argument... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-7183

    A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/customer_account.php. The manipulation of the argument Customer leads to sql injectio... Read more

    Affected Products : sales_and_inventory_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-7184

    A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. This affects an unknown part of the file /user/teacher/books.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate... Read more

    Affected Products : library_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-7185

    A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remo... Read more

    Affected Products : library_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-30330

    Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 03, 2024
    • Modified: Jul. 09, 2025

  • 3.3

    LOW
    CVE-2024-30347

    Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Jul. 09, 2025

  • 6.4

    MEDIUM
    CVE-2024-11897

    The Contact Form, Survey & Form Builder – MightyForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mightyforms' shortcode in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output ... Read more

    Affected Products : mightyforms
    • Published: Dec. 04, 2024
    • Modified: Jul. 09, 2025

  • 7.8

    HIGH
    CVE-2024-30341

    Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerabil... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Jul. 09, 2025

  • 8.4

    HIGH
    CVE-2025-47957

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2025-47953

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 6.1

    MEDIUM
    CVE-2023-6978

    The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it poss... Read more

    Affected Products : wp_job_manager
    • Published: Dec. 04, 2024
    • Modified: Jul. 09, 2025

  • 7.8

    HIGH
    CVE-2025-47175

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47174

    Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47173

    Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-47172

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 6.7

    MEDIUM
    CVE-2025-47171

    Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-47170

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291878 Results