Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2024-27231

    In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Apr. 05, 2024
    • Modified: Jun. 17, 2025

  • 7.5

    HIGH
    CVE-2024-24746

    Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.  Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device. This issue affects Apache NimBLE: ... Read more

    Affected Products : nimble
    • Published: Apr. 06, 2024
    • Modified: Jun. 17, 2025

  • 9.8

    CRITICAL
    CVE-2025-5635

    A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been... Read more

    Affected Products : pcman_ftp_server ftp_server
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5609

    A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can b... Read more

    Affected Products : ac18_firmware ac18
    • Published: Jun. 04, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5608

    A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to buffer overflow. It is possible to l... Read more

    Affected Products : ac18_firmware ac18
    • Published: Jun. 04, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5607

    A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be ... Read more

    Affected Products : ac18_firmware ac18
    • Published: Jun. 04, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-5515

    A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command in... Read more

    Affected Products : x2000r_firmware x2000r
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2025-5507

    A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page. The manipulation of the argument Comment leads to cros... Read more

    Affected Products : a3002ru_firmware a3002ru
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-5506

    A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is pos... Read more

    Affected Products : a3002ru_firmware a3002ru
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-5505

    A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type... Read more

    Affected Products : a3002ru_firmware a3002ru
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-5504

    A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can ... Read more

    Affected Products : x2000r_firmware x2000r
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-5503

    A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to stack-based buffer overfl... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 03, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5735

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url lea... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5671

    A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_... Read more

    Affected Products : n302r_plus_firmware n302r_plus
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5672

    A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation ... Read more

    Affected Products : n302r_plus_firmware n302r_plus
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 5.8

    MEDIUM
    CVE-2025-5695

    A vulnerability classified as critical has been found in FLIR AX8 up to 1.46.16. This affects the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. The mani... Read more

    Affected Products : flir_ax8_firmware flir_ax8
    • Published: Jun. 05, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-5734

    A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redir... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5736

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads t... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5737

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5738

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the argument ... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 17, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293559 Results