Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-57071

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57070

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57069

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57064

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57063

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57062

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57061

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted requ... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57059

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57058

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-57057

    Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-56406

    An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to gain sensitive information or execute arbitrary commands via the SSE service.... Read more

    Affected Products :
    • Published: Sep. 10, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Information Disclosure

  • 7.2

    HIGH
    CVE-2025-52915

    K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller valida... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2025-52322

    An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF (PGW-C), using the IP address of a legitimate UE in the PDN Address Allocation (PAA) field... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-52277

    Cross Site Scripting vulnerability in YesWiki v.4.54 allows a remote attacker to execute arbitrary code via a crafted payload to the meta configuration robots field... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.0

    HIGH
    CVE-2025-10231

    An Incorrect File Handling Permission bug exists on the N-central Windows Agent and Probe that, in the right circumstances, can allow a local low-level user to run commands with elevated permissions.... Read more

    Affected Products : n-central
    • Published: Sep. 10, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-10199

    A local privilege escalation vulnerability exists in Sunshine for Windows (version v2025.122.141614 and likely prior versions) due to an unquoted service path.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-10198

    Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories.... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Misconfiguration

  • 9.0

    HIGH
    CVE-2025-10170

    A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the function sub_4B48F8 of the file /goform/formApLbConfig. Such manipulation of the argument loadBalanceNameOld leads to buffer overflow. The attack may be launched... Read more

    Affected Products :
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-7954

    A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.... Read more

    Affected Products : shopware
    • Published: Aug. 06, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Race Condition

  • 8.8

    HIGH
    CVE-2025-9364

    An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data.... Read more

    Affected Products : factorytalk_analytics_logixai
    • Published: Sep. 09, 2025
    • Modified: Sep. 10, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293353 Results