Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-0363

    A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file admin/patient-search.php. The manipulation of the argument searchdata leads to... Read more

    • Published: Jan. 10, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-12960

    A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. This issue affects some unknown processing of the file /update_edu_details.php. The manipulation of the argument q leads to sql injecti... Read more

    Affected Products : portfolio_management_system_mca
    • Published: Dec. 26, 2024
    • Modified: Feb. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-0540

    A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to lau... Read more

    Affected Products : w9_firmware w9
    • Published: Jan. 15, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-38879

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public net... Read more

    Affected Products : omnivise_t3000_application_server
    • Published: Aug. 02, 2024
    • Modified: Sep. 20, 2024

  • 9.8

    CRITICAL
    CVE-2021-24951

    The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Injections issues... Read more

    Affected Products : learnpress
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0715

    Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03. ... Read more

    Affected Products : windows global_link_manager
    • Published: Feb. 20, 2024
    • Modified: Feb. 12, 2025

  • 9.8

    CRITICAL
    CVE-2024-0738

    A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack ... Read more

    Affected Products : mldong
    • Published: Jan. 19, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-51928

    An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.... Read more

    Affected Products : yonbip
    • Published: Jan. 20, 2024
    • Modified: Jun. 16, 2025

  • 9.8

    CRITICAL
    CVE-2019-6296

    Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.... Read more

    Affected Products : cleanto
    • Published: Jan. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-39619

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.... Read more

    Affected Products : listingpro
    • Published: Aug. 01, 2024
    • Modified: Aug. 02, 2024

  • 9.8

    CRITICAL
    CVE-2024-0939

    A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted... Read more

    Affected Products : smart_s210_firmware smart_s210
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0994

    A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been declared as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-b... Read more

    Affected Products : w6_firmware w6
    • Published: Jan. 29, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0572

    A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflo... Read more

    Affected Products : lr1200gb_firmware lr1200gb
    • Published: Jan. 16, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-0931

    A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. The attack ca... Read more

    Affected Products : ac10u_firmware ac10u_firmware ac10u
    • Published: Jan. 26, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10154

    A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file status.php of the component Check Booking Status Page. The manipulation of the argument emailid le... Read more

    Affected Products : boat_booking_system
    • Published: Oct. 19, 2024
    • Modified: Oct. 22, 2024

  • 9.8

    CRITICAL
    CVE-2024-10165

    A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file deletecustcom.php. The manipulation of the argument id leads to sql injection. The ... Read more

    Affected Products : sales_management_system
    • Published: Oct. 20, 2024
    • Modified: Oct. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-1027

    A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack r... Read more

    Affected Products : facebook_news_feed_like
    • Published: Jan. 30, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-40130

    open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.... Read more

    Affected Products : open5gs
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-22390

    There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.... Read more

    Affected Products : emui magic_ui
    • Published: Aug. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-10556

    A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. Affected is an unknown function of the file birdsadd.php. The manipulation of the argument id leads to sql injection. It is possible to launch the att... Read more

    Affected Products : pet_shop_management_system
    • Published: Oct. 31, 2024
    • Modified: Nov. 01, 2024
Showing 20 of 294289 Results