Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.2

    HIGH
    CVE-2024-24399

    An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated attackers to execute arbitrary PHP code by uploading this code to the backend/languages/index.php languages area....

    Affected Products : leptoncms
    • EPSS Score: %1.74
    • Published: Jan. 25, 2024
    • Modified: Jun. 05, 2025
  • 6.1

    MEDIUM
    CVE-2024-24388

    Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login....

    Affected Products : xunruicms
    • EPSS Score: %0.05
    • Published: Feb. 02, 2024
    • Modified: Jun. 05, 2025
  • 7.5

    HIGH
    CVE-2024-24311

    Path Traversal vulnerability in Linea Grafica "Multilingual and Multistore Sitemap Pro - SEO" (lgsitemaps) module for PrestaShop before version 1.6.6, a guest can download personal information without restriction....

    • EPSS Score: %0.16
    • Published: Feb. 07, 2024
    • Modified: Jun. 05, 2025
  • 7.5

    HIGH
    CVE-2024-24266

    gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c....

    Affected Products : gpac
    • EPSS Score: %0.17
    • Published: Feb. 05, 2024
    • Modified: Jun. 05, 2025
  • 7.5

    HIGH
    CVE-2024-24258

    freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function....

    Affected Products : mupdf
    • EPSS Score: %0.26
    • Published: Feb. 05, 2024
    • Modified: Jun. 05, 2025
  • 4.2

    MEDIUM
    CVE-2024-24254

    PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. This will result in the drone uploading overlapping geofenc...

    Affected Products : px4_drone_autopilot
    • EPSS Score: %0.04
    • Published: Feb. 06, 2024
    • Modified: Jun. 05, 2025
  • 6.1

    MEDIUM
    CVE-2024-24135

    Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks....

    • EPSS Score: %0.75
    • Published: Jan. 29, 2024
    • Modified: Jun. 05, 2025
  • 6.1

    MEDIUM
    CVE-2024-24131

    SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component api.php....

    Affected Products : superwebmailer
    • EPSS Score: %9.55
    • Published: Feb. 07, 2024
    • Modified: Jun. 05, 2025
  • 9.8

    CRITICAL
    CVE-2024-24019

    A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list...

    Affected Products : novel-plus
    • EPSS Score: %0.07
    • Published: Feb. 07, 2024
    • Modified: Jun. 05, 2025
  • 9.8

    CRITICAL
    CVE-2024-24014

    A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/author/list...

    Affected Products : novel-plus
    • EPSS Score: %0.07
    • Published: Feb. 08, 2024
    • Modified: Jun. 05, 2025
  • 6.5

    MEDIUM
    CVE-2024-22027

    Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services....

    Affected Products : quiz_maker
    • EPSS Score: %0.51
    • Published: Jan. 12, 2024
    • Modified: Jun. 05, 2025
  • 7.8

    HIGH
    CVE-2022-39151

    A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versio...

    Affected Products : parasolid simcenter_femap
    • EPSS Score: %0.21
    • Published: Sep. 13, 2022
    • Modified: Jun. 05, 2025
  • 7.8

    HIGH
    CVE-2022-34699

    Windows Win32k Elevation of Privilege Vulnerability...

    • EPSS Score: %8.36
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 7.8

    HIGH
    CVE-2022-34696

    Windows Hyper-V Remote Code Execution Vulnerability...

    • EPSS Score: %0.49
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 5.3

    MEDIUM
    CVE-2022-34692

    Microsoft Exchange Server Information Disclosure Vulnerability...

    Affected Products : exchange_server
    • EPSS Score: %2.48
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 8.8

    HIGH
    CVE-2022-34691

    Active Directory Domain Services Elevation of Privilege Vulnerability...

    • EPSS Score: %1.22
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 7.0

    HIGH
    CVE-2022-33646

    Azure Batch Node Agent Elevation of Privilege Vulnerability...

    Affected Products : azure_batch
    • EPSS Score: %0.89
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 7.8

    HIGH
    CVE-2022-33640

    System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability...

    • EPSS Score: %1.14
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 7.3

    HIGH
    CVE-2022-33631

    Microsoft Excel Security Feature Bypass Vulnerability...

    • EPSS Score: %1.94
    • Published: Aug. 09, 2022
    • Modified: Jun. 05, 2025
  • 8.8

    HIGH
    CVE-2022-32555

    Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur....

    Affected Products : data_exchange_management_studio
    • EPSS Score: %0.19
    • Published: Sep. 13, 2022
    • Modified: Jun. 05, 2025
Showing 20 of 292759 Results