Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.0 MEDIUM
CVE-2026-20017 — Cisco Secure FTD Software Authenticated Command Injection Vulnerability

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerab…

| Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
5.8 MEDIUM
CVE-2026-20015 — Cisco Secure Firewall ASA Software and Cisco Secure FTD Software IKEv2 DoS Memory Leak Vu…

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device…

Remote | Denial of Service
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
7.7 HIGH
CVE-2026-20014 — Cisco Secure Firewall ASA/Cisco Secure FTD IKEv2 Authentication Remote DoS Vulnerability

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS c…

Remote | Denial of Service
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
5.8 MEDIUM
CVE-2026-20013 — Cisco Secure Firewall ASA/Cisco Secure FTD IKEv2 DoS Memory Exhaustion

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device…

Remote | Denial of Service
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
5.3 MEDIUM
CVE-2026-20009 — Cisco Secure Firewall Adaptive Security Appliance SSH Partial Private Key Authentication …

A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated…

Remote | Authentication
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
6.0 MEDIUM
CVE-2026-20008 — Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Soft…

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow…

| Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
5.8 MEDIUM
CVE-2026-20007 — Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Snort rul…

Remote | Misconfiguration
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
5.8 MEDIUM
CVE-2026-20006 — Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TLS with Snort 3 Den…

A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause t…

Remote | Cryptography
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
4.9 MEDIUM
CVE-2026-20003 — "Cisco Secure FMC SQL Injection Vulnerability"

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inad…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
8.1 HIGH
CVE-2026-20002 — "Cisco Secure FMC Software SQL Injection Vulnerability"

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulner…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
6.5 MEDIUM
CVE-2026-20001 — Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inad…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
0.0 NA
CVE-2025-70220 — D-Link DIR-513 Stack Buffer Overflow Vulnerability

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4.

| Memory Corruption
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
0.0 NA
CVE-2025-70218 — D-Link DIR-513 Stack Buffer Overflow Vulnerability

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component.

| Memory Corruption
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
8.2 HIGH
CVE-2019-25507 — Ashop Shopping Cart Software Lastest SQL Injection via index.php

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
8.2 HIGH
CVE-2019-25506 — FreeSMS 2.1.2 Authentication Bypass via SQL Injection

FreeSMS 2.1.2 contains a boolean-based blind SQL injection vulnerability in the password parameter that allows unauthenticated attackers to bypass authentication by injecting SQL code through the log…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
7.1 HIGH
CVE-2019-25505 — Tradebox 5.4 SQL Injection via symbol Parameter

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST req…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
8.2 HIGH
CVE-2019-25504 — NCrypted Jobgator Lastest SQL Injection via agents Find-Jobs

NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the experience parameter. Attackers can se…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
7.1 HIGH
CVE-2019-25503 — PHPads 2.0 SQL Injection via click.php3 bannerID

PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Att…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
6.1 MEDIUM
CVE-2019-25502 — Simple Job Script Cross-Site Scripting via job_type_value Parameter

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the job_type_value parameter in the jobs endpoint. At…

Remote | Cross-Site Scripting
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
8.2 HIGH
CVE-2019-25501 — Simple Job Script SQL Injection via delete_application_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. Attackers can send POST re…

Remote | Injection
Mar 04, 2026 Mar 04, 2026
Mar 04, 2026
Mar 04, 2026
Showing 20 of 5030 Results