Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2020-36648

    A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It ... Read more

    Affected Products : pouet2.0
    • Published: Jan. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-4308

    A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able to address this issue. The identifier of the patch is 88... Read more

    Affected Products : webpa
    • Published: Jan. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2019-25100

    A vulnerability was found in happyman twmap. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file twmap3/data/ajaxCRUD/pointdata2.php. The manipulation of the argument id leads to sql injection. Upgradin... Read more

    Affected Products : twmap
    • Published: Jan. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0668

    JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user.... Read more

    Affected Products : artifactory
    • Published: Jan. 08, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-4311

    A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128... Read more

    Affected Products : open_studio open_studio_for_mdm
    • Published: Jan. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-125071

    A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected is the function messageReceived of the file src/gribbit/request/HttpRequestHandler.java. The manipulation leads to missing origin validation in websockets. The... Read more

    Affected Products : gribbit
    • Published: Jan. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10034

    A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommende... Read more

    Affected Products : workout-organizer
    • Published: Jan. 09, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-22903

    api/views/user.py in LibrePhotos before e19e539 has incorrect access control.... Read more

    Affected Products : librephotos
    • Published: Jan. 10, 2023
    • Modified: Apr. 07, 2025

  • 9.8

    CRITICAL
    CVE-2015-10037

    A vulnerability, which was classified as critical, was found in ACI_Escola. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 34eed1f7b9295d1424912f79989d8aba5de41e9f. It is recommended to apply a patch ... Read more

    Affected Products : aci_escola
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-125074

    A vulnerability was found in Nayshlok Voyager. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Voyager/src/models/DatabaseAccess.java. The manipulation leads to sql injection. The identifier of the ... Read more

    Affected Products : voyager
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-47864

    Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php.... Read more

    Affected Products : lead_management_system
    • Published: Jan. 11, 2023
    • Modified: Apr. 09, 2025

  • 9.8

    CRITICAL
    CVE-2013-10011

    A vulnerability was found in aeharding classroom-engagement-system and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. The attack may be launched remotely. The name of the patch is 096... Read more

    Affected Products : classroom-engagement-system
    • Published: Jan. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2015-10042

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in Dovgalyuk AIBattle. Affected by this vulnerability is the function registerUser of the file site/procedures.php. The manipulation of the argument postLogin leads to sql in... Read more

    Affected Products : aibattle
    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-0299

    Improper Input Validation in GitHub repository publify/publify prior to 9.2.10.... Read more

    Affected Products : publify
    • Published: Jan. 14, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-125077

    A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The patch is named 281bd679a4474ddb222d16c1c380f252839c... Read more

    Affected Products : searx_stats
    • Published: Jan. 15, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-0311

    Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.... Read more

    Affected Products : phpmyfaq
    • Published: Jan. 15, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-25076

    A vulnerability classified as critical was found in Events Extension on BigTree. Affected by this vulnerability is the function getRandomFeaturedEventByDate/getUpcomingFeaturedEventsInCategoriesWithSubcategories/recacheEvent/searchResults of the file clas... Read more

    Affected Products : events
    • Published: Jan. 16, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-0332

    A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file admin/manage_user.php. The manipulation of the argument id leads to sql injection. It is possible ... Read more

    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-20170

    A vulnerability was found in ollpu parontalli. It has been classified as critical. Affected is an unknown function of the file httpdocs/index.php. The manipulation of the argument s leads to sql injection. The patch is identified as 6891bb2dec57dca6daabc1... Read more

    Affected Products : parontalli
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-10013

    A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The m... Read more

    Affected Products : authenticator_plugin
    • Published: Jan. 17, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293659 Results