Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-58264

    The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.... Read more

    Affected Products : serde-json-wasm
    • Published: Jul. 27, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2023-53156

    The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments.... Read more

    Affected Products : transpose
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-8240

    A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /user/dashboard.php. The manipulation of the argument phone leads to sql injectio... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2024-58263

    The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations.... Read more

    Affected Products : cosmwasm-std
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Misconfiguration

  • 5.1

    MEDIUM
    CVE-2024-58262

    The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM.... Read more

    Affected Products : curve25519-dalek
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Cryptography

  • 7.5

    HIGH
    CVE-2024-58261

    The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type.... Read more

    Affected Products : sequoia-openpgp
    • Published: Jul. 27, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2025-8239

    A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument email leads to sql injection. The attack can be la... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8238

    A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/update_s2.php. The manipulation of the argument credits leads to sql injection. It is possible to launch th... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8237

    A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/update_s1.php. The manipulation of the argument credits leads to sql injection. The attack ma... Read more

    Affected Products : exam_form_submission
    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8236

    A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument Name leads to sql injection. The attack ... Read more

    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8235

    A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiat... Read more

    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8234

    A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_member.php. The manipulation of the argument ID leads to sql injection. The at... Read more

    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8233

    A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The ... Read more

    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8232

    A vulnerability, which was classified as critical, was found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/delete_user.php. The manipulation of the argument ID leads to sql injection. It is possible to lau... Read more

    • Published: Jul. 27, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-8231

    A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to... Read more

    Affected Products : dir-890l_firmware dir-890l
    • Published: Jul. 27, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-8230

    A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the file /manage_user.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remo... Read more

    Affected Products : courier_management_system
    • Published: Jul. 27, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-8229

    A vulnerability classified as critical has been found in Campcodes Courier Management System 1.0. This affects an unknown part of the file /parcel_list.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack r... Read more

    Affected Products : courier_management_system
    • Published: Jul. 27, 2025
    • Modified: Aug. 07, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-8228

    A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forger... Read more

    Affected Products : chancms chancms
    • Published: Jul. 27, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-8227

    A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization.... Read more

    Affected Products : chancms chancms
    • Published: Jul. 27, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-8226

    A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is pos... Read more

    Affected Products : chancms chancms
    • Published: Jul. 27, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291205 Results