Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-56110

    OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56109

    OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56108

    OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56107

    OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submit_wifi in file /usr/lib/lua/luci/controller/admin/common_quick_config.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56106

    OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56102

    OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56101

    OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56099

    OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56098

    OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56097

    OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56096

    OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restart_modules in file /usr/lib/lua/luci/controller/admin/common.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56095

    OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56094

    OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56093

    OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-56092

    OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 10.0

    HIGH
    CVE-2025-14534

    A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argument NatBind can lead to buffer overflow. The attack can... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-14531

    A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. T... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2025-13780

    pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on t... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 8.7

    HIGH
    CVE-2024-58283

    WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upl... Read more

    Affected Products :
    • Published: Dec. 10, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection

  • 8.6

    HIGH
    CVE-2024-58282

    Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a ... Read more

    Affected Products : serendipity
    • Published: Dec. 10, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Injection
Showing 20 of 3874 Results