Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-8338

    A vulnerability was found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /adminac.php. The manipulation of the argument ID leads to sql injection. The attack may be... Read more

    Affected Products : online_admission_system
    • Published: Jul. 31, 2025
    • Modified: Aug. 06, 2025

  • 5.1

    MEDIUM
    CVE-2025-54085

    CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to impro... Read more

    Affected Products : secure_access
    • Published: Jul. 31, 2025
    • Modified: Aug. 05, 2025

  • 9.1

    CRITICAL
    CVE-2025-49084

    CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access can overwrite policy rules without the requisite permissions. The attack complexity is low, attack requireme... Read more

    Affected Products : secure_access
    • Published: Jul. 31, 2025
    • Modified: Aug. 05, 2025

  • 7.2

    HIGH
    CVE-2025-49083

    CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.56. Attackers with administrative access to the console can cause unsafe content to be deserialized and executed in the secur... Read more

    Affected Products : secure_access
    • Published: Jul. 31, 2025
    • Modified: Aug. 05, 2025

  • 5.1

    MEDIUM
    CVE-2025-49082

    CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to impro... Read more

    Affected Products : secure_access
    • Published: Jul. 31, 2025
    • Modified: Aug. 05, 2025

  • 6.5

    MEDIUM
    CVE-2025-36040

    IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms.... Read more

    Affected Products : aspera_faspex
    • Published: Jul. 31, 2025
    • Modified: Aug. 06, 2025

  • 6.5

    MEDIUM
    CVE-2025-36039

    IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,... Read more

    Affected Products : aspera_faspex
    • Published: Jul. 31, 2025
    • Modified: Aug. 06, 2025

  • 5.4

    MEDIUM
    CVE-2025-8337

    A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_vehicles.php. The manipulation of the argument car_name leads to cross si... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-8336

    A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument ID leads to sql injection. The a... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 5.3

    MEDIUM
    CVE-2025-8335

    A vulnerability classified as problematic has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has bee... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-8334

    A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_recruitment_status. The manipulation of the argu... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 7.1

    HIGH
    CVE-2025-54586

    GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” com... Read more

    Affected Products : gitproxy
    • Published: Jul. 30, 2025
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2025-8333

    A vulnerability was found in code-projects Online Farm System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /categoryvalue.php. The manipulation of the argument Value leads to sql injection. ... Read more

    Affected Products : online_farm_system
    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-8332

    A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /register.php. The manipulation of the argument Username leads to sql injection. It is possible to launch th... Read more

    Affected Products : online_farm_system
    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 8.2

    HIGH
    CVE-2025-54585

    GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vulnera... Read more

    Affected Products : gitproxy
    • Published: Jul. 30, 2025
    • Modified: Aug. 01, 2025

  • 9.8

    CRITICAL
    CVE-2025-8331

    A vulnerability was found in code-projects Online Farm System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot_pass.php. The manipulation of the argument email leads to sql injection. The attack may be initiat... Read more

    Affected Products : online_farm_system
    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-8330

    A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation of the argument sno leads to sql injection. The attack can be initiated rem... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 7.0

    HIGH
    CVE-2025-54584

    GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embed... Read more

    Affected Products : gitproxy
    • Published: Jul. 30, 2025
    • Modified: Aug. 01, 2025

  • 8.3

    HIGH
    CVE-2025-54583

    GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skip... Read more

    Affected Products : gitproxy
    • Published: Jul. 30, 2025
    • Modified: Aug. 01, 2025

  • 7.5

    HIGH
    CVE-2025-54581

    vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL... Read more

    Affected Products :
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025
Showing 20 of 290940 Results