Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-5711

    A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/InsertCity.php. The manipulation of the argument cmbState leads to sql injection. ... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 4.8

    MEDIUM
    CVE-2025-5722

    A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /script/academic/terms of the component Add Academic Term. The manipulation of the arg... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-5723

    A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/academic/classes of the component Classes Page. The manipulation of the argument... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-5724

    A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /script/academic/subjects of the component Subjects Page. The manipulation of the argument... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-5725

    A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/academic/grading-system of the component Grading System P... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2025-5728

    A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted uplo... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-5732

    A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The ... Read more

    Affected Products : traffic_offense_reporting_system
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-5759

    A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?editid=2. The manipulation of the argument editid leads to... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5761

    A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file /edit-family-member.php. The manipulation of the argument memberage leads to sql in... Read more

    Affected Products : bp_monitoring_management_system
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-5762

    A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file view_hematology.php. The manipulation of the argument itr_no leads to sql injection. It is poss... Read more

    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5784

    A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the argument emp3ctc leads to sql injection. The attack can ... Read more

    Affected Products : employee_record_management_system
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-5785

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-u... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5786

    A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads t... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-5838

    A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql i... Read more

    Affected Products : employee_record_management_system
    • Published: Jun. 07, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5856

    A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack... Read more

    Affected Products : bp_monitoring_management_system
    • Published: Jun. 09, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5858

    A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. It ... Read more

    • Published: Jun. 09, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5763

    A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launched remotely. The ... Read more

    Affected Products : cp3_firmware cp3
    • Published: Jun. 06, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Injection

  • 4.8

    MEDIUM
    CVE-2025-48012

    Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote Services with Stolen Credentials.This issue affects One Time Password: from 0.0.0 before 1.3.0.... Read more

    Affected Products : one_time_password
    • Published: May. 21, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Authentication

  • 4.8

    MEDIUM
    CVE-2025-48011

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass.This issue affects One Time Password: from 0.0.0 before 1.3.0.... Read more

    Affected Products : one_time_password
    • Published: May. 21, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Authentication

  • 7.6

    HIGH
    CVE-2023-5553

    During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' ... Read more

    Affected Products : axis_os axis_os_2022
    • Published: Nov. 21, 2023
    • Modified: Jun. 10, 2025
Showing 20 of 293350 Results