Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2025-5789

    A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buff... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5790

    A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer o... Read more

    Affected Products : x15_firmware x15
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5794

    A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The... Read more

    Affected Products : ac5_firmware ac5
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5795

    A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to init... Read more

    Affected Products : ac5_firmware ac5
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5798

    A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is possib... Read more

    Affected Products : ac8_firmware ac8
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 9.0

    HIGH
    CVE-2025-5799

    A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-base... Read more

    Affected Products : ac8_firmware ac8
    • Published: Jun. 06, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-5836

    A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command inj... Read more

    Affected Products : ac9_firmware ac9
    • Published: Jun. 07, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5837

    A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the argument delid leads to sql injection. It is possible t... Read more

    Affected Products : employee_record_management_system
    • Published: Jun. 07, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-5839

    A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanM... Read more

    Affected Products : ac9_firmware ac9
    • Published: Jun. 07, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-20063

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-21082

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-23235

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-24493

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-25217

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-26691

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-26693

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Information Disclosure

  • 6.1

    MEDIUM
    CVE-2025-27131

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-27242

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-27247

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-27563

    in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.... Read more

    Affected Products : openharmony
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 293344 Results