Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-41655

    An unauthenticated remote attacker can access a URL which causes the device to reboot.... Read more

    Affected Products :
    • Published: May. 26, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Denial of Service

  • 8.2

    HIGH
    CVE-2025-41654

    An unauthenticated remote attacker can access information about running processes via the SNMP protocol. The amount of returned data can trigger a reboot by the watchdog.... Read more

    Affected Products :
    • Published: May. 26, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Information Disclosure

  • 6.1

    MEDIUM
    CVE-2025-1985

    Due to improper neutralization of input during web page generation (XSS) an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device.... Read more

    Affected Products :
    • Published: May. 26, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.1

    CRITICAL
    CVE-2025-5176

    A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been declared as critical. This vulnerability affects unknown code of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuá... Read more

    Affected Products : queue_ticket_kiosk
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-5175

    A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The expl... Read more

    Affected Products : pypickle
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-5174

    A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Affected by this issue is the function load of the file pypickle/pypickle.py. The manipulation leads to deserialization. Local access is required to approach this at... Read more

    Affected Products : pypickle
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025

  • 7.8

    HIGH
    CVE-2025-5173

    A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/label_studio_ml/exa... Read more

    Affected Products : label_studio_ml_backend
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 6.3

    MEDIUM
    CVE-2025-41441

    Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature.... Read more

    Affected Products : mailform_pro_cgi mailform_pro_cgi
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2025-5172

    A vulnerability, which was classified as critical, was found in Econtrata up to 20250516. Affected is an unknown function of the file /valida. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. T... Read more

    Affected Products : econtrata
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5171

    A vulnerability, which was classified as critical, has been found in llisoft MTA Maita Training System 4.5. This issue affects the function this.fileService.download of the file com\llisoft\controller\OpenController.java. The manipulation of the argument ... Read more

    Affected Products : mta_maita_training_system
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-5170

    A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. This vulnerability affects the function AdminShitiListRequestVo of the file com\llisoft\controller\admin\shiti\AdminShitiController.java. The manipulation of the ar... Read more

    Affected Products : mta_maita_training_system
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-5169

    A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-boun... Read more

    Affected Products : assimp
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-5168

    A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function MDLImporter::ImportUVCoordinate_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation ... Read more

    Affected Products : assimp
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-5167

    A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argume... Read more

    Affected Products : assimp
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-5166

    A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manip... Read more

    Affected Products : assimp
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-5165

    A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSu... Read more

    Affected Products : assimp
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-5164

    A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulnerability affects the function JwtUtil of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated ... Read more

    Affected Products : perfreeblog
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Cryptography

  • 6.9

    MEDIUM
    CVE-2025-5163

    A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha... Read more

    Affected Products : warehouse_management_system
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-5162

    A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this issue is some unknown functionality of the file /safeEvent/importFile/. The manipulation of the argument logGeneralFile/logGen... Read more

    Affected Products : seccenter_smp-1114p02
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-5161

    A vulnerability classified as problematic was found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this vulnerability is the function operationDailyOut of the file /safeEvent/download. The manipulation of the argument filename leads to path tra... Read more

    Affected Products : seccenter_smp-1114p02
    • Published: May. 26, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Path Traversal
Showing 20 of 292772 Results