Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.7

    MEDIUM
    CVE-2024-47827

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with acce... Read more

    Affected Products : argo_workflows
    • Published: Oct. 28, 2024
    • Modified: Nov. 05, 2024

  • 7.5

    HIGH
    CVE-2023-50310

    IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.... Read more

    Affected Products : cics_transaction_gateway
    • Published: Oct. 23, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10507

    A vulnerability classified as critical was found in Codezips Free Exam Hall Seating Management System 1.0. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be ini... Read more

    • Published: Oct. 30, 2024
    • Modified: Nov. 05, 2024

  • 7.2

    HIGH
    CVE-2024-10506

    A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to initiat... Read more

    • Published: Oct. 30, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10609

    A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to init... Read more

    Affected Products : tailoring_management_system
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 6.9

    MEDIUM
    CVE-2024-10605

    A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /file/request.php. The manipulation leads to cross-site request forgery. It is possible to initiat... Read more

    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10607

    A vulnerability was found in code-projects Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /track-result.php. The manipulation of the argument Consignment leads to sql injection. The att... Read more

    Affected Products : courier_management_system
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-10608

    A vulnerability was found in code-projects Courier Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument txtusername leads to sql injection. The attack may... Read more

    Affected Products : courier_management_system
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-10610

    A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The... Read more

    Affected Products : cdg
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-10613

    A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument... Read more

    Affected Products : cdg
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-10612

    A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.java. The manipulation of the argument id leads to sql inje... Read more

    Affected Products : cdg
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-10611

    A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attac... Read more

    Affected Products : cdg
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-10596

    A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sq... Read more

    Affected Products : cdg
    • Published: Oct. 31, 2024
    • Modified: Nov. 05, 2024

  • 5.5

    MEDIUM
    CVE-2024-50612

    libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.... Read more

    Affected Products : libsndfile
    • Published: Oct. 27, 2024
    • Modified: Nov. 05, 2024

  • 3.1

    LOW
    CVE-2024-51744

    golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired ... Read more

    Affected Products :
    • Published: Nov. 04, 2024
    • Modified: Nov. 05, 2024

  • 5.3

    MEDIUM
    CVE-2024-51500

    Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could result in unexpected behavior and potential for DDoS attacks... Read more

    Affected Products : meshtastic_firmware
    • Published: Nov. 04, 2024
    • Modified: Nov. 05, 2024

  • 6.4

    MEDIUM
    CVE-2024-10340

    The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'scu' shortcode in versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. Th... Read more

    • Published: Nov. 05, 2024
    • Modified: Nov. 05, 2024

  • 5.1

    MEDIUM
    CVE-2024-50346

    WebFeed is a lightweight web feed reader extension for Firefox/Chrome. Multiple HTML injection vulnerabilities in WebFeed can lead to CSRF and UI spoofing attacks. A remote attacker can provide malicious RSS feeds and attract the victim user to visit it u... Read more

    Affected Products :
    • Published: Nov. 05, 2024
    • Modified: Nov. 05, 2024

  • 6.0

    MEDIUM
    CVE-2024-51498

    cobalt is a media downloader that doesn't piss you off. A malicious cobalt instance could serve links with the `javascript:` protocol, resulting in Cross-site Scripting (XSS) when the user tries to download an item from a picker. This issue has been prese... Read more

    Affected Products :
    • Published: Nov. 05, 2024
    • Modified: Nov. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-37846

    MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.... Read more

    Affected Products : mango
    • Published: Oct. 25, 2024
    • Modified: Nov. 05, 2024
Showing 20 of 291205 Results