Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52343

    In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2023-52344

    In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52346

    In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2023-52347

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52348

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2023-52351

    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2023-52533

    In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 5.9

    MEDIUM
    CVE-2023-52534

    In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2023-52535

    In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t610 t618
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 4.4

    MEDIUM
    CVE-2024-23658

    In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 8.4

    HIGH
    CVE-2024-39441

    In wifi display, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.... Read more

    Affected Products : android s8000 t310 t606 t610 t612 t616 t618 t760 t770 +3 more products
    • Published: Feb. 26, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2023-52341

    In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed... Read more

    Affected Products : android s8000 t760 t770 t820
    • Published: Apr. 08, 2024
    • Modified: May. 06, 2025

  • 6.3

    MEDIUM
    CVE-2024-42789

    A Reflected Cross Site Scripting (XSS) vulnerability was found in "/music/controller.php?page=test" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via the "page" parameter.... Read more

    Affected Products : music_management_system
    • Published: Aug. 26, 2024
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-42788

    A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "artist" parameter fields.... Read more

    Affected Products : music_management_system
    • Published: Aug. 26, 2024
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2024-42791

    A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_genre.... Read more

    Affected Products : music_management_system
    • Published: Aug. 26, 2024
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-42787

    A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "description" parameter fie... Read more

    Affected Products : music_management_system
    • Published: Aug. 26, 2024
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2024-42765

    A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.... Read more

    Affected Products : bus_ticket_reservation_system
    • Published: Aug. 23, 2024
    • Modified: May. 06, 2025

  • 9.4

    CRITICAL
    CVE-2024-42764

    Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.... Read more

    Affected Products : bus_ticket_reservation_system
    • Published: Aug. 23, 2024
    • Modified: May. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-42762

    A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.... Read more

    Affected Products : bus_ticket_reservation_system
    • Published: Aug. 22, 2024
    • Modified: May. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-42763

    A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter.... Read more

    Affected Products : bus_ticket_reservation_system
    • Published: Aug. 22, 2024
    • Modified: May. 06, 2025
Showing 20 of 291293 Results