Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.9

MEDIUM

CVE-2025-34232

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34231

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind and non-blind server-side request forgery (SSRF) vulnerability. The '/var/www/app/consol...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
6.9

MEDIUM

CVE-2025-34230

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
6.9

MEDIUM

CVE-2025-34229

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a blind server-side request forgery (SSRF) vulnerability reachable via the /var/www/app/console_...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34228

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a server-side request forgery (SSRF) vulnerability. The `/var/www/app/console_release/lexmark/up...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
8.8

HIGH

CVE-2025-34225

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contain a server-side request forgery (SSRF) vulnerability. The `console_release` directory is reachable...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Server-Side Request Forgery
10.0

CRITICAL

CVE-2025-34224

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose a set of PHP scripts under the `console_release` directory without requiring authentication. An...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34223

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) contain a default admin account and an installation‑time endpoint at `/admin/query/update_database.php`...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34222

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/cert_upload, /admin/hp/cert_delete, /admin/certs/ca, and /admin/ce...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34221

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 25.2.1518 (VA/SaaS deployments) expose every internal Docker container to the network because firewall rules allow unrestricted traffic ...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
6.9

MEDIUM

CVE-2025-34220

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests t...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Authentication
10.0

CRITICAL

CVE-2025-34218

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose internal Docker containers through the gw Docker instance. The gateway publishes a /meta endpoi...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Information Disclosure
10.0

CRITICAL

CVE-2025-34216

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (VA deployments only) expose a set of unauthenticated REST API endpoints that return configuration files and clear‑text passw...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Information Disclosure
9.8

CRITICAL

CVE-2025-34215

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 (only VA deployments) expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 18, 2025

Vuln Type: Misconfiguration
9.8

CRITICAL

CVE-2025-34212

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Exte...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 09, 2025

Vuln Type: Supply Chain
9.3

CRITICAL

CVE-2025-34211

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA and SaaS deployments) contain a private SSL key and matching public certificate stored in cleartext. The key belongs to t...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 03, 2025

Vuln Type: Cryptography
9.4

CRITICAL

CVE-2025-34209

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 (VA and SaaS deployments) contain Docker images with the private GPG key and passphrase for the account *no‑reply+virtual‑appliance@printerlog...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 03, 2025

Vuln Type: Supply Chain
9.8

CRITICAL

CVE-2025-34207

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 (VA and SaaS deployments) configure the SSH client within Docker instances with the following options: `UserKnownHostsFile=/dev/null`, `Stric...

Affected Products : virtual_appliance_application virtual_appliance_host
Published: Sep. 29, 2025

Modified: Oct. 03, 2025

Vuln Type: Misconfiguration
9.3

CRITICAL

CVE-2025-30247

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST....

Affected Products : my_cloud_firmware
Published: Sep. 29, 2025

Modified: Oct. 02, 2025

Vuln Type: Injection
6.5

MEDIUM

CVE-2025-56764

Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages ("Unknown user" vs. "Wrong password"), allowing an attacker to enumerate valid usernames....

Affected Products : trivision_nc-227wf_firmware trivision_nc-227wf
Published: Sep. 29, 2025

Modified: Oct. 18, 2025

Vuln Type: Authentication

Showing 20 of 3858 Results

Browse by Apps

Latest CVE Feed

6.9

8.8

6.9

6.9

8.8

8.8

10.0

10.0

10.0

10.0

6.9

10.0

10.0

9.8

9.8

9.3

9.4

9.8

9.3

6.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable