Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-8989

    A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be init... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8993

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the a... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9008

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be in... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9010

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. Th... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9026

    A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Discovery Protocol. The manipulation leads to os command injection. It is possible to initiate the... Read more

    Affected Products : dir-860l_firmware dir-860l
    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.0

    HIGH
    CVE-2025-9046

    A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotel... Read more

    Affected Products : ac20_firmware ac20
    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9047

    A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitor_out.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exp... Read more

    Affected Products : visitor_management_system
    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9050

    A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remote... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-9051

    A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remo... Read more

    • Published: Aug. 15, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8985

    A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can b... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8984

    A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is po... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8983

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The att... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8982

    A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack ... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-8981

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiat... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 6.8

    MEDIUM
    CVE-2025-8980

    A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be laun... Read more

    Affected Products : g1_firmware g1
    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 8.8

    HIGH
    CVE-2023-42005

    IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.... Read more

    Affected Products : db2 cloud_pak_for_data db2_warehouse
    • Published: May. 29, 2024
    • Modified: Aug. 18, 2025

  • 6.8

    MEDIUM
    CVE-2025-8979

    A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authentici... Read more

    Affected Products : ac15_firmware ac15
    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 5.4

    MEDIUM
    CVE-2025-8976

    A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipulation leads to cross site scripting. The attack can be... Read more

    Affected Products : vvveb
    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 5.4

    MEDIUM
    CVE-2025-8975

    A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The ... Read more

    Affected Products : vvveb
    • Published: Aug. 14, 2025
    • Modified: Aug. 18, 2025

  • 6.1

    MEDIUM
    CVE-2025-45316

    A cross-site scripting (XSS) vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.... Read more

    Affected Products : hortusfox
    • Published: Aug. 13, 2025
    • Modified: Aug. 18, 2025
Showing 20 of 290958 Results