Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-36328

    Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).... Read more

    Affected Products : fedora libtommath
    • Published: Sep. 01, 2023
    • Modified: Jun. 26, 2025

  • 7.5

    HIGH
    CVE-2023-28366

    The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling o... Read more

    Affected Products : mosquitto
    • Published: Sep. 01, 2023
    • Modified: Jun. 26, 2025

  • 9.8

    CRITICAL
    CVE-2025-6351

    A vulnerability was found in itsourcecode Employee Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editprofile.php. The manipulation of the argument emp1name leads to sql injection. The ... Read more

    Affected Products : employee_management_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2025-6352

    A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the a... Read more

    Affected Products : automated_voting_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-6354

    A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/customer_signup.php. The manipulation of the argument email leads to sql i... Read more

    Affected Products : online_shoe_store
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-6355

    A vulnerability has been found in SourceCodester Online Hotel Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/execeditroom.php. The manipulation of the argument userid leads to sql injection. T... Read more

    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-6356

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /addmem.php. The manipulation leads to sql injection. The attack may be initiated remotely. The ... Read more

    Affected Products : simple_pizza_ordering_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-6357

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible... Read more

    Affected Products : simple_pizza_ordering_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-6358

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saveorder.php. The manipulation of the argument ID leads to sql injectio... Read more

    Affected Products : simple_pizza_ordering_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-6359

    A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cashconfirm.php. The manipulation of the argument transactioncode leads to sql in... Read more

    Affected Products : simple_pizza_ordering_system
    • Published: Jun. 20, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2023-47297

    A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.... Read more

    Affected Products : terminal_handler
    • Published: Jun. 23, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Authentication

  • 4.3

    MEDIUM
    CVE-2023-47298

    An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account status... Read more

    Affected Products : terminal_handler
    • Published: Jun. 23, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-6516

    A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approache... Read more

    Affected Products : hdf5
    • Published: Jun. 23, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2022-28463

    ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.... Read more

    Affected Products : debian_linux imagemagick
    • Published: May. 08, 2022
    • Modified: Jun. 25, 2025

  • 7.5

    HIGH
    CVE-2022-24763

    PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to upd... Read more

    Affected Products : debian_linux pjsip pjsip
    • Published: Mar. 30, 2022
    • Modified: Jun. 25, 2025

  • 7.8

    HIGH
    CVE-2022-26490

    st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.... Read more

    • Published: Mar. 06, 2022
    • Modified: Jun. 25, 2025

  • 7.8

    HIGH
    CVE-2022-28390

    ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.... Read more

    • Published: Apr. 03, 2022
    • Modified: Jun. 25, 2025

  • 5.5

    MEDIUM
    CVE-2022-29204

    TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can b... Read more

    Affected Products : tensorflow
    • Published: May. 20, 2022
    • Modified: Jun. 25, 2025

  • 5.5

    MEDIUM
    CVE-2022-3586

    A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local,... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Oct. 19, 2022
    • Modified: Jun. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-52979

    In the Linux kernel, the following vulnerability has been resolved: squashfs: harden sanity check in squashfs_read_xattr_id_table While mounting a corrupted filesystem, a signed integer '*xattr_ids' can become less than zero. This leads to the incorrec... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Jun. 25, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293690 Results