Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2025-8222

    A vulnerability, which was classified as problematic, has been found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this issue is some unknown functionality of the file GoodsController.java. The manipula... Read more

    Affected Products :
    • Published: Jul. 27, 2025
    • Modified: Jul. 29, 2025

  • 5.3

    MEDIUM
    CVE-2025-8221

    A vulnerability classified as problematic was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this vulnerability is the function goodsSearch of the file GoodsCustController.java. The manipulation of... Read more

    Affected Products :
    • Published: Jul. 27, 2025
    • Modified: Jul. 29, 2025

  • 4.3

    MEDIUM
    CVE-2025-8104

    The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.98. This is due to missing nonce validation in the wpmemory_install_plugin() function. This makes it possible for unauthenticated att... Read more

    Affected Products : wp-memory
    • Published: Jul. 27, 2025
    • Modified: Jul. 29, 2025

  • 7.5

    HIGH
    CVE-2025-8220

    A vulnerability classified as critical has been found in Engeman Web up to 12.0.0.1. Affected is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cook... Read more

    Affected Products :
    • Published: Jul. 27, 2025
    • Modified: Aug. 03, 2025

  • 6.5

    MEDIUM
    CVE-2025-8219

    A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php of the component HTTP POS... Read more

    Affected Products :
    • Published: Jul. 27, 2025
    • Modified: Jul. 29, 2025

  • 7.2

    HIGH
    CVE-2025-54597

    LinuxServer.io Heimdall before 2.7.3 allows XSS via the q parameter.... Read more

    Affected Products : heimdall_application_dashboard
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025

  • 4.4

    MEDIUM
    CVE-2025-6241

    LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malic... Read more

    Affected Products :
    • Published: Jul. 27, 2025
    • Modified: Jul. 30, 2025

  • 6.1

    MEDIUM
    CVE-2025-8211

    A vulnerability was found in Roothub up to 2.6. It has been declared as problematic. Affected by this vulnerability is the function Edit of the file src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java. The manipulation leads to cross site ... Read more

    Affected Products : roothub
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 5.3

    MEDIUM
    CVE-2025-8210

    A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper expor... Read more

    Affected Products : yeelight
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 5.3

    MEDIUM
    CVE-2025-8207

    A vulnerability was found in Canara ai1 Mobile Banking App 3.6.23 on Android and classified as problematic. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.canarabank.mobility. The manipulation leads to impr... Read more

    Affected Products : ai1
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 4.7

    MEDIUM
    CVE-2025-8206

    A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998.179. This affects an unknown part of the component IP DNS Leakage Detector. The manipulation leads to cross site scripting. It is possible to initiate the at... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 6.3

    MEDIUM
    CVE-2025-8205

    A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0.6998.179. Affected by this issue is some unknown functionality of the component IP DNS Leakage Detector. The manipulation leads to cleartext transmission of ... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 3.7

    LOW
    CVE-2025-8204

    A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179. Affected by this vulnerability is an unknown functionality of the component HSTS Handler. The manipulation leads to security check for standard. The attack can be l... Read more

    Affected Products : dragon
    • Published: Jul. 26, 2025
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2025-8203

    A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the at... Read more

    Affected Products :
    • Published: Jul. 26, 2025
    • Modified: Jul. 29, 2025

  • 5.1

    MEDIUM
    CVE-2025-8191

    A vulnerability, which was classified as problematic, was found in macrozheng mall up to 1.0.3. Affected is an unknown function of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site ... Read more

    Affected Products :
    • Published: Jul. 26, 2025
    • Modified: Jul. 29, 2025

  • 8.8

    HIGH
    CVE-2025-8190

    A vulnerability, which was classified as critical, has been found in Campcodes Courier Management System 1.0. This issue affects some unknown processing of the file /print_pdets.php. The manipulation of the argument ids leads to sql injection. The attack ... Read more

    Affected Products : courier_management_system
    • Published: Jul. 26, 2025
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-8189

    A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the file /edit_user.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remote... Read more

    Affected Products : courier_management_system
    • Published: Jul. 26, 2025
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-8188

    A vulnerability classified as critical has been found in Campcodes Courier Management System 1.0. This affects an unknown part of the file /edit_staff.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack r... Read more

    Affected Products : courier_management_system
    • Published: Jul. 26, 2025
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-8187

    A vulnerability was found in Campcodes Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /edit_parcel.php. The manipulation of the argument ID leads to sql injection. The attack ... Read more

    Affected Products : courier_management_system
    • Published: Jul. 26, 2025
    • Modified: Aug. 07, 2025

  • 8.8

    HIGH
    CVE-2025-8186

    A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_branch.php. The manipulation of the argument ID leads to sql injection. Th... Read more

    Affected Products : courier_management_system
    • Published: Jul. 26, 2025
    • Modified: Aug. 07, 2025
Showing 20 of 290981 Results