Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-5079

    A flaw has been found in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/updateorder.php. Executing manipulation of the argument remark can lead to sql injection. The attack ma... Read more

    Affected Products : online_shopping_portal
    • Published: May. 22, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Injection

  • 7.4

    HIGH
    CVE-2025-5024

    A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also re... Read more

    • Published: May. 22, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-45471

    Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account.... Read more

    Affected Products :
    • Published: May. 22, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-32915

    Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk < 2.4.0p1, < 2.3.0p32, < 2.2.0p42 and <= 2.1.0p49 (EOL). This allows a local attacker to read sensitive data.... Read more

    Affected Products : linux_kernel solaris checkmk checkmk
    • Published: May. 22, 2025
    • Modified: Aug. 26, 2025
    • Vuln Type: Misconfiguration

  • 6.5

    MEDIUM
    CVE-2025-32815

    An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.... Read more

    Affected Products : netmri
    • Published: May. 22, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-32814

    An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.... Read more

    Affected Products : netmri
    • Published: May. 22, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-32813

    An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.... Read more

    Affected Products : netmri
    • Published: May. 22, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-0993

    An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. This could allow an authenticated attacker to cause a denial of service condition by exhausting server resources.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2025-0679

    An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full email addresses that should be partially obscured.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Information Disclosure

  • 4.6

    MEDIUM
    CVE-2025-0605

    An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Authentication

  • 5.3

    MEDIUM
    CVE-2024-54188

    Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.... Read more

    Affected Products : netmri
    • Published: May. 22, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Authorization

  • 6.8

    MEDIUM
    CVE-2024-12093

    An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-5078

    A vulnerability was detected in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/subcategory.php. Performing manipulation of the argument Category results in sql injection. The attack is possible to be ca... Read more

    Affected Products : online_shopping_portal
    • Published: May. 22, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5077

    A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument Category leads to sql injection. It is possible t... Read more

    Affected Products : online_shopping_portal
    • Published: May. 22, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-5076

    A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. T... Read more

    • Published: May. 22, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-4979

    An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating t... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-4575

    Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead mar... Read more

    Affected Products : openssl
    • Published: May. 22, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Misconfiguration

  • 6.5

    MEDIUM
    CVE-2025-3111

    An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of servi... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-2853

    An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of proper validation in GitLab could allow an authenticated user to cause a denial of service condition.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Denial of Service

  • 4.3

    MEDIUM
    CVE-2025-1110

    An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query.... Read more

    Affected Products : gitlab
    • Published: May. 22, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Authorization
Showing 20 of 293507 Results