Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2025-54591

FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below expose information about feeds and tags of default admin users, due to lack of access checking in the FreshRSS_Auth::hasAccess() function used by some of the tag/feed related endp...

Affected Products : freshrss
Published: Sep. 29, 2025

Modified: Oct. 03, 2025

Vuln Type: Information Disclosure
7.5

HIGH

CVE-2025-45376

Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation ...

Affected Products : repository_manager
Published: Sep. 29, 2025

Modified: Oct. 02, 2025

Vuln Type: Authorization
9.5

CRITICAL

CVE-2025-34235

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS ...

Affected Products : windows virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Misconfiguration
9.2

CRITICAL

CVE-2025-34234

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain two hardcoded private keys that are shipped in the application containers (printerlogic/pi, prin...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Cryptography
8.5

HIGH

CVE-2025-34233

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a protection mechanism failure vulnerability within the file_get_contents() function. When an ad...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
6.9

MEDIUM

CVE-2025-34232

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34231

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind and non-blind server-side request forgery (SSRF) vulnerability. The '/var/www/app/consol...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
6.9

MEDIUM

CVE-2025-34230

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
6.9

MEDIUM

CVE-2025-34229

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34228

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a server-side request forgery (SSRF) vulnerability. The `/var/www/app/console_release/lexmark/up...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34225

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a server-side request forgery (SSRF) vulnerability. The `console_release` directory is reachable...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
10.0

CRITICAL

CVE-2025-34224

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose a set of PHP scripts under the `console_release` directory without requiring authentication. An...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34223

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) contain a default admin account and an installation‑time endpoint at `/admin/query/update_database.php`...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34222

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and /admin/ce...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34221

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 25.2.1518 (VA/SaaS deployments) expose every internal Docker container to the network because firewall rules allow unrestricted traffic ...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
6.9

MEDIUM

CVE-2025-34220

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests t...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34218

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose internal Docker containers through the gw Docker instance. The gateway publishes a /meta endpoi...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Information Disclosure
10.0

CRITICAL

CVE-2025-34216

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (VA deployments only) expose a set of unauthenticated REST API endpoints that return configuration files and clear‑text passw...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Information Disclosure
9.8

CRITICAL

CVE-2025-34215

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (only VA deployments) expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 18, 2025

Vuln Type: Misconfiguration
9.8

CRITICAL

CVE-2025-34212

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Exte...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Supply Chain

Showing 20 of 3885 Results

Browse by Apps

Latest CVE Feed

7.5

7.5

9.5

9.2

8.5

6.9

8.8

6.9

6.9

8.8

8.8

10.0

10.0

10.0

10.0

6.9

10.0

10.0

9.8

9.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable