Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-45452

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS.This issue affects Septera: from n/a through 1.5.1.... Read more

    Affected Products : septera
    • Published: Sep. 17, 2024
    • Modified: Sep. 25, 2024

  • 7.1

    HIGH
    CVE-2024-43970

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS.This issue affects SureCart: from n/a through 2.29.3.... Read more

    Affected Products : surecart
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 7.1

    HIGH
    CVE-2024-43971

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.2.5.... Read more

    Affected Products : sunshine_photo_cart
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 5.9

    MEDIUM
    CVE-2024-43972

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows Stored XSS.This issue affects PageLayer: from n/a through 1.8.7.... Read more

    Affected Products : pagelayer
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 7.1

    HIGH
    CVE-2024-43975

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in highwarden Super Store Finder allows Cross-Site Scripting (XSS).This issue affects Super Store Finder: from n/a through 6.9.7.... Read more

    Affected Products : super_store_finder
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43983

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through 4.1.13.... Read more

    Affected Products : podlove_podcast_publisher
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43987

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wayneconnor Sliding Door allows Stored XSS.This issue affects Sliding Door: from n/a through 3.6.... Read more

    Affected Products : sliding_door
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43988

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digitalnature Mystique allows Stored XSS.This issue affects Mystique: from n/a through 2.5.7.... Read more

    Affected Products : mystique
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43991

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webdzier Hotel Galaxy allows Stored XSS.This issue affects Hotel Galaxy: from n/a through 4.4.24.... Read more

    Affected Products : hotel_galaxy
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43992

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Latepoint LatePoint allows Stored XSS.This issue affects LatePoint: from n/a through 4.9.91.... Read more

    Affected Products : latepoint
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 6.5

    MEDIUM
    CVE-2024-43993

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Liquido allows Stored XSS.This issue affects Liquido: from n/a through 1.0.1.2.... Read more

    Affected Products : liquido
    • Published: Sep. 18, 2024
    • Modified: Sep. 25, 2024

  • 7.4

    HIGH
    CVE-2024-7383

    A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.... Read more

    Affected Products : enterprise_linux
    • Published: Aug. 05, 2024
    • Modified: Sep. 25, 2024

  • 5.5

    MEDIUM
    CVE-2024-42259

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consi... Read more

    Affected Products : linux_kernel
    • Published: Aug. 14, 2024
    • Modified: Sep. 25, 2024

  • 9.8

    CRITICAL
    CVE-2024-7593

    Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.... Read more

    Affected Products : virtual_traffic_management
    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Sep. 25, 2024

  • 7.1

    HIGH
    CVE-2024-44007

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Templates – Elementor & Gutenberg templates allows Reflected XSS.This issue affects SKT Templates – Elementor & Gutenberg templates... Read more

    Affected Products : skt_templates
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024

  • 6.5

    MEDIUM
    CVE-2024-44008

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through 1.13.12.... Read more

    Affected Products : geo_mashup
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024

  • 7.1

    HIGH
    CVE-2024-44009

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from n/a through 3.6.10.... Read more

    Affected Products : wcfm_marketplace
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024

  • 6.5

    MEDIUM
    CVE-2024-44047

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker allows Stored XSS.This issue affects IMPress for IDX Broker: from n/a through 3.2.2.... Read more

    Affected Products : impress_for_idx_broker
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024

  • 6.5

    MEDIUM
    CVE-2024-44049

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeHunk Gutenberg Blocks – Unlimited blocks For Gutenberg allows Stored XSS.This issue affects Gutenberg Blocks – Unlimited blocks For Gutenberg... Read more

    Affected Products : gutenberg_blocks
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024

  • 6.5

    MEDIUM
    CVE-2024-44050

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Verbosa allows Stored XSS.This issue affects Verbosa: from n/a through 1.2.3.... Read more

    Affected Products : verbosa
    • Published: Sep. 17, 2024
    • Modified: Sep. 24, 2024
Showing 20 of 291128 Results