Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2025-7112

    A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module... Read more

    Affected Products : i-educar
    • Published: Jul. 07, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.4

    MEDIUM
    CVE-2025-7111

    A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Cur... Read more

    Affected Products : i-educar
    • Published: Jul. 07, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.3

    HIGH
    CVE-2025-53473

    Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-48501

    An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running.... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 6.4

    MEDIUM
    CVE-2025-24508

    Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Information Disclosure

  • 5.4

    MEDIUM
    CVE-2025-7110

    A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross s... Read more

    Affected Products : i-educar
    • Published: Jul. 07, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.6

    HIGH
    CVE-2025-7145

    ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability, allowing remote attackers with product platform intermediate privileges to inject arbitrary OS commands and execute them on the server, thereby gaining administrati... Read more

    Affected Products : threatsonar_anti-ransomware
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2025-7109

    A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_lst.php of the component Student Benefits Registration. Th... Read more

    Affected Products : i-educar
    • Published: Jul. 07, 2025
    • Modified: Aug. 13, 2025

  • 5.5

    MEDIUM
    CVE-2025-7108

    A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file /Digital-Infrastructure-9.6.7/y9-digitalbase-webapp/y9-module-filemanager/risenet-y9b... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-7107

    A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is pos... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Path Traversal

  • 6.2

    MEDIUM
    CVE-2025-53186

    Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authentication

  • 6.6

    MEDIUM
    CVE-2025-53185

    Virtual address reuse issue in the memory management module, which can be exploited by non-privileged users to access released memory Impact: Successful exploitation of this vulnerability may affect service integrity.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-53184

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-53183

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-53182

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-53181

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-53180

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-53179

    Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : harmonyos
    • Published: Jul. 07, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Denial of Service

  • 4.8

    MEDIUM
    CVE-2025-53178

    Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule reminder function of head units.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authorization

  • 3.9

    LOW
    CVE-2025-53177

    Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches.... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 07, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Authorization
Showing 20 of 291312 Results