Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-49230

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Harpreet Singh Ajax Custom CSS/JS allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through 2.0.4.... Read more

    Affected Products : ajax_custom_css\/js
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49228

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS.This issue affects bVerse Convert: from n/a through 1.3.7.1.... Read more

    Affected Products : bverse_convert
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49225

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Swebdeveloper wpPricing Builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through 1.5.0.... Read more

    Affected Products : wppricing_builder
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49224

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mahesh Patel Mitm Bug Tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through 1.0.... Read more

    Affected Products : mitm_bug_tracker
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-21262

    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco... Read more

    Affected Products : mysql mysql_connector\/odbc
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49239

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2.... Read more

    Affected Products : add_categories_post_footer
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49240

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.... Read more

    Affected Products : ab_categories_search_widget
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49241

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3.... Read more

    Affected Products : tito
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 3.5

    LOW
    CVE-2024-21242

    Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with ne... Read more

    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 5.4

    MEDIUM
    CVE-2024-21286

    Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle PeopleSoft (component: Enterprise Learning Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged... Read more

    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 2.4

    LOW
    CVE-2024-4211

    Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been disc... Read more

    Affected Products : application_automation_tools
    • Published: Oct. 16, 2024
    • Modified: Oct. 21, 2024

  • 7.5

    HIGH
    CVE-2024-21272

    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple prot... Read more

    Affected Products : mysql mysql_connector\/python
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21283

    Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core). Supported versions that are affected are 9.2.48-9.2.50. Easily exploitable vulnerability allows low privileged attacker ... Read more

    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21282

    Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTT... Read more

    Affected Products : e-business_suite financials
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 2.4

    LOW
    CVE-2024-4692

    Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization confi... Read more

    Affected Products : application_automation_tools
    • Published: Oct. 16, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21280

    Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring). Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP... Read more

    Affected Products : service_contracts
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21279

    Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compro... Read more

    Affected Products : e-business_suite sourcing
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21278

    Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award Processes). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged a... Read more

    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21277

    Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with ne... Read more

    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024

  • 8.1

    HIGH
    CVE-2024-21276

    Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to... Read more

    Affected Products : e-business_suite work_in_process
    • Published: Oct. 15, 2024
    • Modified: Oct. 21, 2024
Showing 20 of 291520 Results