Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.7

    MEDIUM
    CVE-2025-25891

    A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01, triggered by the destination, netmask and gateway parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.... Read more

    Affected Products : dsl-3782_firmware dsl-3782
    • Published: Feb. 18, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-25469

    FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c.... Read more

    Affected Products :
    • Published: Feb. 18, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-25468

    FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c.... Read more

    Affected Products :
    • Published: Feb. 18, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-25467

    Insufficient tracking and releasing of allocated used memory in libx264 git master allows attackers to execute arbitrary code via creating a crafted AAC file.... Read more

    Affected Products :
    • Published: Feb. 18, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-22921

    FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.... Read more

    Affected Products :
    • Published: Feb. 18, 2025
    • Modified: Feb. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-56171

    libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity cons... Read more

    Affected Products : libxml2
    • Published: Feb. 18, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    CRITICAL
    CVE-2025-26617

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `historico_paciente.php` endpoint. This vulnerability could allow an attacker to execute... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26616

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Path Traversal vulnerability was discovered in the WeGIA application, `exportar_dump.php` endpoint. This vulnerability could allow an attacker to gain unauth... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Path Traversal

  • 10.0

    CRITICAL
    CVE-2025-26615

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Path Traversal vulnerability was discovered in the WeGIA application, `examples.php` endpoint. This vulnerability could allow an attacker to gain unauthorize... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Path Traversal

  • 9.4

    CRITICAL
    CVE-2025-26614

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `deletar_documento.php` endpoint. This vulnerability allow an authorized attacker to exe... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26613

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. An OS Command Injection vulnerability was discovered in the WeGIA application, `gerenciar_backup.php` endpoint. This vulnerability could allow an attacker to e... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26612

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `adicionar_almoxarife.php` endpoint. This vulnerability could allow an attacker to execu... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26611

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `remover_produto.php` endpoint. This vulnerability could allow an attacker to execute ar... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-26610

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `restaurar_produto_desocultar.php` endpoint. This vulnerability allow an authorized atta... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26609

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `familiar_docfamiliar.php` endpoint. This vulnerability could allow an attacker to execu... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26608

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `dependente_docdependente.php` endpoint. This vulnerability could allow an attacker to e... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26607

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `documento_excluir.php` endpoint. This vulnerability could allow an attacker to execute ... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2025-26606

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `informacao_adicional.php` endpoint. This vulnerability could allow an attacker to execu... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Injection

  • 9.4

    CRITICAL
    CVE-2025-26605

    WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `deletar_cargo.php` endpoint. This vulnerability could allow an authorized attacker to e... Read more

    Affected Products : wegia
    • Published: Feb. 18, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-27016

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite – Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite – Google Drive Plugin: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Feb. 18, 2025
    • Modified: Feb. 18, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291756 Results