Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-43479

    A Remote Code Execution (RCE) vulnerability exists in The-Secretary 2.5 via install.php.... Read more

    Affected Products : the_secretary
    • Published: Mar. 31, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10657

    A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the att... Read more

    Affected Products : office_anywhere
    • Published: Nov. 01, 2024
    • Modified: Nov. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-37463

    Missing Authorization vulnerability in CRM Perks CRM Perks Forms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CRM Perks Forms: from n/a through 1.1.5.... Read more

    Affected Products : crm_perks_forms
    • Published: Nov. 01, 2024
    • Modified: Feb. 07, 2025

  • 9.8

    CRITICAL
    CVE-2021-27501

    Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.... Read more

    Affected Products : myvue speech vue_motion vue_pacs
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-27534

    Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automati... Read more

    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-43323

    Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28.... Read more

    Affected Products : reviewx
    • Published: Nov. 01, 2024
    • Modified: Nov. 19, 2024

  • 9.8

    CRITICAL
    CVE-2024-43919

    Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10.... Read more

    Affected Products : yet_another_related_posts_plugin
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43979

    Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.... Read more

    Affected Products : blockbooster
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43998

    Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3.... Read more

    Affected Products : blogpoet
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-47321

    Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1.... Read more

    Affected Products : wp_datepicker
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-47358

    Missing Authorization vulnerability in Popup Maker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Popup Maker: from n/a through 1.19.2.... Read more

    Affected Products : popup_maker
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-10659

    A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthoriseTempletService.java. The manipulation of the argument... Read more

    Affected Products : cdg
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2021-32986

    After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming... Read more

    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10697

    A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to... Read more

    Affected Products : ac6_firmware ac6
    • Published: Nov. 02, 2024
    • Modified: Apr. 05, 2025

  • 9.8

    CRITICAL
    CVE-2024-10699

    A vulnerability was found in code-projects Wazifa System 1.0. It has been classified as critical. This affects an unknown part of the file /controllers/logincontrol.php. The manipulation of the argument username leads to sql injection. It is possible to i... Read more

    Affected Products : wazifa_system
    • Published: Nov. 02, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10700

    A vulnerability was found in code-projects University Event Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file submit.php. The manipulation of the argument name/email/title/Year/gender/fromdate/tod... Read more

    • Published: Nov. 02, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10738

    A vulnerability classified as critical was found in itsourcecode Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file manage-breed.php. The manipulation of the argument breed leads to sql injection. The attack... Read more

    • Published: Nov. 03, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10739

    A vulnerability, which was classified as critical, has been found in code-projects E-Health Care System 1.0. Affected by this issue is some unknown functionality of the file /Admin/adminlogin.php. The manipulation of the argument email/admin_pswd as part ... Read more

    Affected Products : e-health_care_system
    • Published: Nov. 03, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10758

    A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument user_name leads to sql injection... Read more

    Affected Products : news-buzz content_management_system
    • Published: Nov. 04, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-51136

    An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file.... Read more

    Affected Products : openimaj
    • Published: Nov. 04, 2024
    • Modified: Nov. 06, 2024
Showing 20 of 294283 Results