Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.1

MEDIUM

CVE-2024-10756

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/html_table.php. The manipula...

Affected Products : online_shopping_portal
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
6.1

MEDIUM

CVE-2024-10757

A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/js_data.php. The ...

Affected Products : online_shopping_portal
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
9.8

CRITICAL

CVE-2024-10758

A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument user_name leads to sql injection...

Affected Products : news-buzz content_management_system
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
8.8

HIGH

CVE-2024-10759

A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit-pig.php. The manipulation of the argument pigno/weight/arrived/breed/remark/status leads to sql...

Affected Products : tailoring_management_system farm_management_system
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
7.5

HIGH

CVE-2024-10760

A vulnerability was found in code-projects University Event Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dodelete.php. The manipulation of the argument id leads to sql injection. The attack may ...

Affected Products : university_event_management_system
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
8.8

HIGH

CVE-2024-48878

Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report....

Affected Products : manageengine_admanager_plus
Published: Nov. 04, 2024

Modified: Nov. 05, 2024
9.8

CRITICAL

CVE-2024-10734

A vulnerability was found in Project Worlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /editPayment.php. The manipulation of the argument recipt_no leads to sql injection. It is possi...

Affected Products : life_insurance_management_system
Published: Nov. 03, 2024

Modified: Nov. 05, 2024
8.6

HIGH

CVE-2024-20426

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a de...

Affected Products : adaptive_security_appliance_software firepower_threat_defense firepower_threat_defense_software
Published: Oct. 23, 2024

Modified: Nov. 05, 2024
9.8

CRITICAL

CVE-2024-10377

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. This issue affects the function actionPassDecryptApplication1 of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument id leads to...

Affected Products : cdg
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
9.8

CRITICAL

CVE-2024-10376

A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects the function actionPassOrNotAutoSign of the file /com/esafenet/servlet/service/processsign/AutoSignService.java. The manipulation of the argument Uni...

Affected Products : cdg
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
7.4

HIGH

CVE-2024-47549

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on...

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
7.5

HIGH

CVE-2024-43424

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
7.5

HIGH

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
7.5

HIGH

CVE-2024-45829

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
5.3

MEDIUM

CVE-2024-45842

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
8.1

HIGH

CVE-2024-47005

Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
9.8

CRITICAL

CVE-2024-47406

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability....

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
7.4

HIGH

CVE-2024-47801

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web brows...

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
6.2

MEDIUM

CVE-2024-48870

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of ot...

Affected Products : bp-30c25_firmware bp-30c25t_firmware bp-30c25y_firmware bp-30c25z_firmware bp-30m28_firmware bp-30m28t_firmware bp-30m31_firmware bp-30m31t_firmware bp-30m35_firmware bp-30m35t_firmware +630 more products
Published: Oct. 25, 2024

Modified: Nov. 05, 2024
8.8

HIGH

CVE-2024-51248

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the modifyrow function....

Affected Products : vigor3900_firmware vigor3900
Published: Nov. 01, 2024

Modified: Nov. 05, 2024

Showing 20 of 291158 Results

Latest CVE Feed

6.1

6.1

9.8

8.8

7.5

8.8

9.8

8.6

9.8

9.8

7.4

7.5

7.5

7.5

5.3

8.1

9.8

7.4

6.2

8.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable