Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.2

    HIGH
    CVE-2024-37871

    SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter.... Read more

    • Published: Jul. 09, 2024
    • Modified: May. 14, 2025

  • 4.2

    MEDIUM
    CVE-2024-10815

    The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers... Read more

    Affected Products : postlists
    • Published: Jan. 09, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.1

    HIGH
    CVE-2024-37872

    SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.... Read more

    Affected Products : billing_system
    • Published: Jul. 09, 2024
    • Modified: May. 14, 2025

  • 6.1

    MEDIUM
    CVE-2024-12096

    The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.... Read more

    Affected Products : exhibit_to_wp_gallery
    • Published: Dec. 24, 2024
    • Modified: May. 14, 2025

  • 9.4

    CRITICAL
    CVE-2024-6235

    Sensitive information disclosure in NetScaler Console... Read more

    Affected Products : netscaler_console
    • Published: Jul. 10, 2024
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-42969

    The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been di... Read more

    Affected Products : py
    • EPSS Score: %0.12
    • Published: Oct. 16, 2022
    • Modified: May. 14, 2025

  • 9.8

    CRITICAL
    CVE-2022-42968

    Gitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.... Read more

    Affected Products : gitea
    • EPSS Score: %0.16
    • Published: Oct. 16, 2022
    • Modified: May. 14, 2025

  • 5.3

    MEDIUM
    CVE-2022-42961

    An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatur... Read more

    Affected Products : wolfssl
    • EPSS Score: %0.23
    • Published: Oct. 15, 2022
    • Modified: May. 14, 2025

  • 8.8

    HIGH
    CVE-2022-42234

    There is a file inclusion vulnerability in the template management module in UCMS 1.6... Read more

    Affected Products : ucms
    • EPSS Score: %0.09
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 6.1

    MEDIUM
    CVE-2022-42071

    Online Birth Certificate Management System version 1.0 suffers from a Cross Site Scripting (XSS) Vulnerability.... Read more

    • EPSS Score: %0.10
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41601

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 3.4

    LOW
    CVE-2022-41600

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.8

    HIGH
    CVE-2022-41585

    The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.8

    HIGH
    CVE-2022-41584

    The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-41583

    The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.5

    HIGH
    CVE-2022-41582

    The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 9.1

    CRITICAL
    CVE-2022-41581

    The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.13
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.1

    HIGH
    CVE-2022-41577

    The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 7.8

    HIGH
    CVE-2022-41576

    The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.06
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 8.8

    HIGH
    CVE-2022-41539

    Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.... Read more

    Affected Products : wedding_planner
    • EPSS Score: %0.15
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
Showing 20 of 291712 Results