Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2025-54576

    OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when usin... Read more

    Affected Products : oauth2_proxy
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 5.3

    MEDIUM
    CVE-2025-54575

    ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite... Read more

    Affected Products : imagesharp
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 8.6

    HIGH
    CVE-2025-53022

    TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade (FWU) module does not validate the length field of th... Read more

    Affected Products :
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 8.2

    HIGH
    CVE-2025-52187

    GetProjectsIdea Create School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in my_profile_update_form1.php.... Read more

    Affected Products : create_school_management_system
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 6.1

    MEDIUM
    CVE-2025-51954

    playground.electronhub.ai v1.1.9 was discovered to contain a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products : ai_playground
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 8.1

    HIGH
    CVE-2024-48916

    Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC ... Read more

    Affected Products : ceph
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 9.8

    CRITICAL
    CVE-2025-8329

    A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the at... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 6.1

    MEDIUM
    CVE-2025-51951

    andisearch v0.5.249 was discovered to contain a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products : andisearch
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2025-50777

    The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data includ... Read more

    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 6.5

    MEDIUM
    CVE-2025-50464

    A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size ... Read more

    Affected Products : nas_firmware nas
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 7.8

    HIGH
    CVE-2025-36609

    Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.... Read more

    Affected Products : smartfabric_os10
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 6.5

    MEDIUM
    CVE-2025-36608

    Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized... Read more

    Affected Products : smartfabric_os10
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 5.5

    MEDIUM
    CVE-2025-30103

    Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access... Read more

    Affected Products : smartfabric_os10
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 9.8

    CRITICAL
    CVE-2025-8328

    A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument USN leads to sql injection. The a... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 9.8

    CRITICAL
    CVE-2025-8327

    A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s8.php. The manipulation of the argument ID leads to sql injection. The attack... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 30, 2025
    • Modified: Aug. 05, 2025

  • 6.5

    MEDIUM
    CVE-2025-30480

    Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation vulnerability in PowerProtect Data Manager. A low privileged attacker with remote access could potentially exploit this vulnerability to read arbitrary files.... Read more

    Affected Products : powerprotect_data_manager
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 8.8

    HIGH
    CVE-2025-30105

    Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be... Read more

    Affected Products : xtremio_management_server
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 8.8

    HIGH
    CVE-2025-26332

    TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information ex... Read more

    Affected Products :
    • Published: Jul. 30, 2025
    • Modified: Jul. 31, 2025

  • 8.1

    HIGH
    CVE-2025-45620

    An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information via a crafted request... Read more

    Affected Products : ptc310uv2_firmware ptc310uv2
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025

  • 6.5

    MEDIUM
    CVE-2025-45619

    An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a remote attacker to execute arbitrary code via the SendAction function... Read more

    Affected Products : ptc310uv2_firmware ptc310uv2
    • Published: Jul. 30, 2025
    • Modified: Aug. 06, 2025
Showing 20 of 290940 Results