Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-2552

    A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/formTcpipSetup. The manipulation leads to improper access controls. Access to the local ne... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-2551

    A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as problematic. This affects an unknown part of the file /goform/formSetPortTr. The manipulation leads to improper access controls. Access to the local network is r... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-2550

    A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/formSetDDNS of the component DDNS Service. The manipulation leads to improper access... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2025-2549

    A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/formSetPassword. The manipulation leads to improper access controls. The ... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authentication

  • 8.4

    HIGH
    CVE-2025-2480

    Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.... Read more

    Affected Products : dicom_viewer_pro
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-29149

    Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.... Read more

    Affected Products : i12_framework i12 i12_firmware
    • Published: Mar. 20, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-29121

    A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Mar. 20, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Memory Corruption

  • 3.1

    LOW
    CVE-2024-7598

    A security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion. The order in which objects are deleted during namespace termination is not defined... Read more

    Affected Products : kube-apiserver
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2024-57440

    D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi... Read more

    Affected Products : dsl-3788_firmware dsl-3788
    • Published: Mar. 20, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-2548

    A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function of the file /goform/formSetDomainFilter. The manipulation leads to improper access controls. The attack can only be i... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2025-2547

    A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack ca... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-29214

    Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg.... Read more

    Affected Products : ax12_firmware ax12
    • Published: Mar. 20, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.9

    CRITICAL
    CVE-2025-23120

    A vulnerability allowing remote code execution (RCE) for domain users.... Read more

    Affected Products : veeam_backup_\&_replication
    • Published: Mar. 20, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Authentication

  • 5.3

    MEDIUM
    CVE-2025-2546

    A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the component Firewall Service. The manipulation leads to improper access controls... Read more

    • Published: Mar. 20, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-29411

    An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.... Read more

    Affected Products : ibanking
    • Published: Mar. 20, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Authentication

  • 6.1

    MEDIUM
    CVE-2024-48591

    Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.... Read more

    Affected Products : spirateam
    • Published: Mar. 20, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-29412

    A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.... Read more

    Affected Products : ibanking
    • Published: Mar. 20, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-29410

    A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the txtEmail parameter.... Read more

    Affected Products : hospital_management_system
    • Published: Mar. 20, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-1496

    Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This issue affects Coslat Hotspot: before 6.26.0.R.20250227.... Read more

    Affected Products :
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Authentication

  • 5.9

    MEDIUM
    CVE-2025-0254

    HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties.... Read more

    Affected Products : digital_experience
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Cryptography
Showing 20 of 291739 Results