Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-2388

    A vulnerability was found in Keytop 路内停车收费系统 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authenticat... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-2387

    A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. I... Read more

    • Published: Mar. 17, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 4.1

    MEDIUM
    CVE-2025-29430

    Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/room.php via the id and rome parameters.... Read more

    • Published: Mar. 17, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-29429

    Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/program.php via the id, code, and name parameters.... Read more

    • Published: Mar. 17, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.3

    HIGH
    CVE-2025-26125

    An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges.... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Path Traversal

  • 7.8

    HIGH
    CVE-2025-22473

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potential... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-22472

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potential... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-49561

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation o... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2024-49559

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized acce... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Apr. 30, 2025
    • Vuln Type: Authentication

  • 8.4

    HIGH
    CVE-2024-48831

    Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2024-48828

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2024-48017

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potenti... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Injection

  • 6.7

    MEDIUM
    CVE-2024-48015

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentia... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2386

    A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /serviceman-search.php. The manipulation of the argument location leads to sql in... Read more

    • Published: Mar. 17, 2025
    • Modified: Mar. 27, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-2385

    A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument userEmail/userPassword leads to sql injection. The attack can be in... Read more

    Affected Products : modern_bag
    • Published: Mar. 17, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 8.2

    HIGH
    CVE-2025-2241

    A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read acce... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Information Disclosure

  • 3.2

    LOW
    CVE-2025-29431

    Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.... Read more

    • Published: Mar. 17, 2025
    • Modified: Apr. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2025-25685

    An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 21, 2025
    • Vuln Type: Path Traversal

  • 7.5

    HIGH
    CVE-2025-25684

    A lack of validation in the path parameter (/download) of GL-INet Beryl AX GL-MT3000 v4.7.0 allows attackers to download arbitrary files from the device's file system via a crafted POST request.... Read more

    Affected Products :
    • Published: Mar. 17, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Path Traversal

  • 6.8

    MEDIUM
    CVE-2025-22474

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server... Read more

    Affected Products : smartfabric_os10
    • Published: Mar. 17, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Server-Side Request Forgery
Showing 20 of 293414 Results