Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2024-45984

    A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management System 1.0 allows an attacker to inject malicious scripts that will be executed when the Donor List is viewed.... Read more

    • Published: Sep. 26, 2024
    • Modified: May. 14, 2025

  • 5.4

    MEDIUM
    CVE-2024-10151

    The Auto iFrame WordPress plugin before 2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Store... Read more

    Affected Products : auto_iframe
    • Published: Jan. 08, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2024-12585

    The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.... Read more

    Affected Products : propertyhive
    • Published: Jan. 08, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2024-44587

    itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via the "menu" parameter.... Read more

    • Published: Sep. 05, 2024
    • Modified: May. 14, 2025

  • 8.2

    HIGH
    CVE-2024-37871

    SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter.... Read more

    • Published: Jul. 09, 2024
    • Modified: May. 14, 2025

  • 4.2

    MEDIUM
    CVE-2024-10815

    The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers... Read more

    Affected Products : postlists
    • Published: Jan. 09, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.1

    HIGH
    CVE-2024-37872

    SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.... Read more

    Affected Products : billing_system
    • Published: Jul. 09, 2024
    • Modified: May. 14, 2025

  • 6.1

    MEDIUM
    CVE-2024-12096

    The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.... Read more

    Affected Products : exhibit_to_wp_gallery
    • Published: Dec. 24, 2024
    • Modified: May. 14, 2025

  • 9.4

    CRITICAL
    CVE-2024-6235

    Sensitive information disclosure in NetScaler Console... Read more

    Affected Products : netscaler_console
    • Published: Jul. 10, 2024
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-42969

    The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been di... Read more

    Affected Products : py
    • EPSS Score: %0.12
    • Published: Oct. 16, 2022
    • Modified: May. 14, 2025

  • 9.8

    CRITICAL
    CVE-2022-42968

    Gitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.... Read more

    Affected Products : gitea
    • EPSS Score: %0.16
    • Published: Oct. 16, 2022
    • Modified: May. 14, 2025

  • 5.3

    MEDIUM
    CVE-2022-42961

    An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatur... Read more

    Affected Products : wolfssl
    • EPSS Score: %0.23
    • Published: Oct. 15, 2022
    • Modified: May. 14, 2025

  • 8.8

    HIGH
    CVE-2022-42234

    There is a file inclusion vulnerability in the template management module in UCMS 1.6... Read more

    Affected Products : ucms
    • EPSS Score: %0.09
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 6.1

    MEDIUM
    CVE-2022-42071

    Online Birth Certificate Management System version 1.0 suffers from a Cross Site Scripting (XSS) Vulnerability.... Read more

    • EPSS Score: %0.10
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41601

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41600

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.8

    HIGH
    CVE-2022-41585

    The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.8

    HIGH
    CVE-2022-41584

    The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-41583

    The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-41582

    The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
Showing 20 of 291641 Results