Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-7921

    A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /report/ParkOutRecord/GetDataList. The ma... Read more

    Affected Products : jielink\+_jsotc2016
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-6330

    The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.... Read more

    Affected Products : geo_my_wordpress
    • Published: Aug. 19, 2024
    • Modified: May. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-43399

    Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extr... Read more

    Affected Products : mobile_security_framework
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-7922

    A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 a... Read more

    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-43354

    Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue affects myCred: from n/a through 2.7.2.... Read more

    Affected Products : mycred
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-7933

    A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been classified as critical. Affected is an unknown function of the file login1.php of the component Backend Login. The manipulation of the argument user leads to sql ... Read more

    Affected Products : project_expense_monitoring_system
    • Published: Aug. 19, 2024
    • Modified: Aug. 23, 2024

  • 9.8

    CRITICAL
    CVE-2024-7934

    A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. The manipulation of the argument code leads to sql injec... Read more

    Affected Products : project_expense_monitoring_system
    • Published: Aug. 19, 2024
    • Modified: Aug. 23, 2024

  • 9.8

    CRITICAL
    CVE-2024-7946

    A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file register.php of the component User Signup. The manipulation of the argument ... Read more

    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-7947

    A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible t... Read more

    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-42562

    Pharmacy Management System commit a2efc8 was discovered to contain a SQL injection vulnerability via the invoice_number parameter at preview.php.... Read more

    Affected Products : pharmacy_management_system
    • Published: Aug. 20, 2024
    • Modified: Jun. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-42568

    School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.... Read more

    Affected Products : school_management_system
    • Published: Aug. 20, 2024
    • Modified: Sep. 03, 2024

  • 9.8

    CRITICAL
    CVE-2024-42569

    School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at paidclass.php.... Read more

    Affected Products : school_management_system
    • Published: Aug. 20, 2024
    • Modified: Jun. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-42574

    School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php.... Read more

    Affected Products : school_management_system
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-8003

    A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The... Read more

    Affected Products : gotribe-admin
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-8023

    A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotel... Read more

    Affected Products : springblade springblade
    • Published: Aug. 21, 2024
    • Modified: Jun. 04, 2025

  • 9.8

    CRITICAL
    CVE-2024-40453

    squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName.... Read more

    Affected Products : squirrelly
    • Published: Aug. 21, 2024
    • Modified: Aug. 23, 2024

  • 9.8

    CRITICAL
    CVE-2024-42784

    A SQL injection vulnerability in "/music/controller.php?page=view_music" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter.... Read more

    Affected Products : music_management_system
    • Published: Aug. 21, 2024
    • Modified: Aug. 26, 2024

  • 9.8

    CRITICAL
    CVE-2024-43331

    Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3.... Read more

    Affected Products : wp_sms
    • Published: Aug. 22, 2024
    • Modified: Mar. 19, 2025

  • 9.8

    CRITICAL
    CVE-2024-8079

    A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been rated as critical. This issue affects the function exportOvpn. The manipulation leads to buffer overflow. The attack may be initiated remotely. NOTE: The vendor was contact... Read more

    Affected Products : t8_firmware t8 ac1200_t8
    • Published: Aug. 22, 2024
    • Modified: Dec. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-8080

    A vulnerability classified as critical has been found in SourceCodester Online Health Care System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument f_name with the input 1%' or 1=1 ) UNION SELECT 1,2,3,4,5,datab... Read more

    Affected Products : online_health_care_system
    • Published: Aug. 22, 2024
    • Modified: Oct. 17, 2024
Showing 20 of 292767 Results