Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2014-7523

    The Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : radio_bethlehem_rb2000
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-36146

    A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733.... Read more

    Affected Products : re170_firmware re170
    • Published: Jun. 30, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2024-13081

    A vulnerability was found in PHPGurukul Land Record System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/contactus.php. The manipulation of the argument Page Description leads to cross site scripting.... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2023-36234

    Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function.... Read more

    Affected Products : netbox netbox
    • Published: Sep. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2024-13069

    A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of the argument name leads to cross site scripting. It is ... Read more

    Affected Products : multi_role_login_system
    • Published: Dec. 31, 2024
    • Modified: Apr. 29, 2025

  • 5.4

    MEDIUM
    CVE-2014-7566

    The Stift Neuburg (aka de.appack.project.neuburg) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : stift_neuburg
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2024-4512

    A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/edit-profile.php. The manipulation of the argument txtfullname/txtdob/txtaddress/txtqualifica... Read more

    • Published: May. 06, 2024
    • Modified: Feb. 10, 2025

  • 5.4

    MEDIUM
    CVE-2014-7571

    The Grey's Anatomy Fan (aka nl.jborsje.android.tvfan.greysanatomy) application 3.7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ... Read more

    Affected Products : grey\'s_anatomy_fan
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7604

    The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cer... Read more

    Affected Products : easy_tips_for_glowing_skin
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7607

    The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : swamiji.tv
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-36488

    ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to stored Cross Site Scripting (XSS).... Read more

    Affected Products : ilias
    • Published: Jun. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-7614

    The Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : warrior_beach_retreat
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7618

    The Interior Design (aka com.interior.design.mcreda) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : interior_design
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-6797

    The Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.... Read more

    Affected Products : abu_ali_anasheeds
    • Published: Sep. 29, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-48825

    Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.... Read more

    Affected Products : availability_booking_calendar
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-7659

    The ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) application 3.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte... Read more

    Affected Products : expeditersonline.com_forum
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2023-48836

    Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.... Read more

    Affected Products : car_rental_script
    • Published: Dec. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2014-7694

    The Corvette Museum (aka com.app_corvettemuseum.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate... Read more

    Affected Products : corvette_museum
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7703

    The Terrorizer Magazine (aka com.triactivemedia.terrorizer) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cer... Read more

    Affected Products : terrorizer_magazine
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2014-7735

    The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifica... Read more

    Affected Products : dr._sheikh_adnan_ibrahim
    • Published: Oct. 21, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293592 Results