Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2025-3509

    A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. Th... Read more

    Affected Products : enterprise_server
    • Published: Apr. 17, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authentication

  • 8.6

    HIGH
    CVE-2025-3246

    An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used `$$..$$` math blocks. Exploitation required access to the target GitHub Enterprise Server instance... Read more

    Affected Products : enterprise_server
    • Published: Apr. 17, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-3124

    A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed a user to see the names of private repositories that they wouldn't otherwise have access to in the Security Overview in GitHub Advanced Security. The Security Ov... Read more

    Affected Products : enterprise_server
    • Published: Apr. 17, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 7.6

    HIGH
    CVE-2025-29461

    An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the /bid/1/admin/entry-edit/ path.... Read more

    Affected Products : a-blog_cms a-blogcms a-blogcms
    • Published: Apr. 17, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29460

    An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.... Read more

    Affected Products : mybb
    • Published: Apr. 17, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29459

    An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.... Read more

    Affected Products : mybb
    • Published: Apr. 17, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29458

    An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.... Read more

    Affected Products : mybb
    • Published: Apr. 17, 2025
    • Modified: Apr. 24, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29457

    An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.... Read more

    Affected Products : mybb
    • Published: Apr. 17, 2025
    • Modified: Apr. 24, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-29456

    An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the create Notes function.... Read more

    Affected Products : personal_management_system
    • Published: Apr. 17, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-29453

    An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component.... Read more

    Affected Products : personal_management_system
    • Published: Apr. 17, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2024-42178

    HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.... Read more

    Affected Products : dryice_myxalytics
    • Published: Apr. 17, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-29455

    An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Travel Ideas" function.... Read more

    Affected Products : personal_management_system
    • Published: Apr. 17, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-29454

    An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Upload function.... Read more

    Affected Products : personal_management_system
    • Published: Apr. 17, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29452

    An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Proxy Manager component.... Read more

    Affected Products : seo_panel
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Information Disclosure

  • 7.6

    HIGH
    CVE-2025-29451

    An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Mail Setting component.... Read more

    Affected Products : seo_panel
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-29450

    An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.... Read more

    Affected Products : twonav
    • Published: Apr. 17, 2025
    • Modified: Apr. 23, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-29449

    An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.... Read more

    Affected Products : twonav
    • Published: Apr. 17, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Information Disclosure

  • 8.8

    HIGH
    CVE-2025-3765

    A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument Avatar leads to ... Read more

    • Published: Apr. 17, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-3764

    A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This vulnerability affects unknown code of the file /edit-product.php. The manipulation of the argument Avatar leads to unrestricted uploa... Read more

    • Published: Apr. 17, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Misconfiguration

  • 6.4

    MEDIUM
    CVE-2024-42177

    HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system... Read more

    Affected Products : dryice_myxalytics
    • Published: Apr. 17, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Cryptography
Showing 20 of 293609 Results