Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-42603

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42605

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/edit_page.php?link_id=1... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42606

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_log.php?clear=1... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42607

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=database... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42609

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatars... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42610

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=files... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42611

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42613

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=install&widget=akismet... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42617

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42618

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /module.php?module=karma... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 8.8

    HIGH
    CVE-2024-42621

    Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_editor.php... Read more

    Affected Products : pligg_cms
    • Published: Aug. 20, 2024
    • Modified: Aug. 21, 2024

  • 7.5

    HIGH
    CVE-2024-43380

    fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse ... Read more

    Affected Products : fugit
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 3.4

    LOW
    CVE-2024-43379

    TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in a way that, when scanned by specific detectors, could trigger the detector to make an unauthorized request to an endpoint chosen by the a... Read more

    Affected Products : trufflehog
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-7921

    A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /report/ParkOutRecord/GetDataList. The ma... Read more

    Affected Products : jielink\+_jsotc2016
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-44076

    In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.... Read more

    Affected Products : microcks
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 9.8

    CRITICAL
    CVE-2024-7920

    A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. Affected is an unknown function of the file /Report/ParkCommon/GetParkInThroughDeivces. The manipulation lead... Read more

    Affected Products : jielink\+_jsotc2016
    • Published: Aug. 19, 2024
    • Modified: Aug. 21, 2024

  • 7.2

    HIGH
    CVE-2024-7917

    A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument site_fa... Read more

    Affected Products : douphp
    • Published: Aug. 18, 2024
    • Modified: Aug. 21, 2024

  • 0.0

    NA
    CVE-2024-43865

    In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Re-add exception handling in load_fpu_state() With the recent rewrite of the fpu code exception handling for the lfpc instruction within load_fpu_state() was erroneously remov... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Aug. 21, 2024

  • 0.0

    NA
    CVE-2022-48883

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Aug. 21, 2024

  • 0.0

    NA
    CVE-2024-43875

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 v... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Aug. 21, 2024
Showing 20 of 293261 Results