Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2025-59774

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59773

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59772

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59771

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59770

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59769

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59768

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59767

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59766

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-59765

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2025-59745

    Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cryptography

  • 6.9

    MEDIUM
    CVE-2025-59746

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.9

    MEDIUM
    CVE-2025-59747

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.9

    MEDIUM
    CVE-2025-59748

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.9

    MEDIUM
    CVE-2025-59749

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identif... Read more

    Affected Products : e-tms
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2022-50457

    In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in del_mtd_device() del_mtd_device() will call of_node_put() to mtd_get_of_node(mtd), which is mtd->dev.of_node. However, memset(&mtd->dev, 0) is called be... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50444

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53497

    In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2_is_streaming() with vb2_start_streaming_called() The vsp1 driver uses the vb2_is_streaming() function in its .buf_queue() handler to check if the .start_streami... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53470

    In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use devlink_priv() on the NULL return, the kernel gets very unh... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50448

    In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix warning without PTE_MARKER_UFFD_WP compiled in When PTE_MARKER_UFFD_WP not configured, it's still possible to reach pte marker code and trigger an warning. Add a few CONFIG... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 4185 Results