Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-1723

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veragroup Mobile Assistant allows SQL Injection.This issue affects Mobile Assistant: before 21.S.2343. ... Read more

    Affected Products : mobile_assistant
    • Published: Apr. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-2130

    A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/view_details.php of the component GET Parameter Handler. The manipulation of the arg... Read more

    Affected Products : purchase_order_management_system
    • Published: Apr. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-2144

    A vulnerability was found in Campcodes Online Thesis Archiving System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/departments/view_department.php. The manipulation of the argument id leads to sql injection... Read more

    Affected Products : online_thesis_archiving_system
    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-28004

    A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in denial of service or remote code execution. ... Read more

    • Published: Apr. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-3758

    Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.... Read more

    Affected Products : service_framework
    • Published: Oct. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2023-21459

    Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.... Read more

    Affected Products : android android dex exynos_2100
    • Published: Mar. 16, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-9367

    A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST... Read more

    • Published: Oct. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2023-2218

    A vulnerability has been found in SourceCodester Task Reminder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injection. The attack c... Read more

    • Published: Apr. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-25133

    Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and ... Read more

    Affected Products : powerpanel
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-24819

    RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in... Read more

    Affected Products : riot
    • Published: Apr. 24, 2023
    • Modified: Feb. 04, 2025

  • 9.8

    CRITICAL
    CVE-2023-30370

    In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.... Read more

    Affected Products : ac15_firmware ac15
    • Published: Apr. 24, 2023
    • Modified: Feb. 04, 2025

  • 9.8

    CRITICAL
    CVE-2023-30375

    In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.... Read more

    Affected Products : ac15_firmware ac15
    • Published: Apr. 24, 2023
    • Modified: Feb. 05, 2025

  • 9.8

    CRITICAL
    CVE-2023-1020

    The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.... Read more

    Affected Products : wp_live_chat_shoutbox
    • Published: Apr. 24, 2023
    • Modified: Feb. 04, 2025

  • 9.8

    CRITICAL
    CVE-2023-25313

    OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video link feature.... Read more

    Affected Products : avideo
    • Published: Apr. 25, 2023
    • Modified: Feb. 03, 2025

  • 9.8

    CRITICAL
    CVE-2023-1969

    A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id l... Read more

    • Published: Apr. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-29268

    The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker to upload or modify arbitrary files within the web server directory on the affected system. Affe... Read more

    Affected Products : spotfire_statistics_services
    • Published: Apr. 26, 2023
    • Modified: Jan. 30, 2025

  • 9.8

    CRITICAL
    CVE-2023-2344

    A vulnerability has been found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=save_service of the component HTTP POST Reques... Read more

    • Published: Apr. 27, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-2348

    A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injecti... Read more

    • Published: Apr. 27, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-2365

    A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to ... Read more

    Affected Products : faculty_evaluation_system
    • Published: Apr. 28, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-2368

    A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=manage_questionnaire. The manipulation of the argument id leads to sql injectio... Read more

    Affected Products : faculty_evaluation_system
    • Published: Apr. 28, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293510 Results