Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2022-25671

    Denial of service in MODEM due to reachable assertion in Snapdragon Mobile... Read more

    • Published: Nov. 15, 2022
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-25667

    Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking... Read more

    • Published: Nov. 15, 2022
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2022-23741

    An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub... Read more

    Affected Products : enterprise_server
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2021-47068

    In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 29, 2024
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2021-46961

    In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Do not enable irqs when handling spurious interrups We triggered the following error while running our 4.19 kernel with the pseudo-NMI patches backported to it: [ 14.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2021-46950

    In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for th... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2021-46939

    In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume te... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Apr. 22, 2025

  • 6.1

    MEDIUM
    CVE-2024-33305

    SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User.... Read more

    Affected Products : laboratory_management_system
    • Published: May. 02, 2024
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2022-30002

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=.... Read more

    • Published: May. 12, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-30000

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=.... Read more

    • Published: May. 12, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-30001

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=.... Read more

    • Published: May. 12, 2022
    • Modified: Apr. 22, 2025

  • 7.1

    HIGH
    CVE-2022-34560

    A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter.... Read more

    Affected Products : phpfox
    • Published: Apr. 22, 2024
    • Modified: Apr. 22, 2025

  • 4.3

    MEDIUM
    CVE-2022-34561

    A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter.... Read more

    Affected Products : phpfox
    • Published: Apr. 22, 2024
    • Modified: Apr. 22, 2025

  • 6.1

    MEDIUM
    CVE-2022-34562

    A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the status box.... Read more

    Affected Products : phpfox
    • Published: Apr. 22, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-29999

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=.... Read more

    • Published: May. 12, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-27124

    Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.... Read more

    • Published: Apr. 05, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-29998

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=.... Read more

    • Published: May. 12, 2022
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2024-7080

    A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack ca... Read more

    • Published: Jul. 24, 2024
    • Modified: Apr. 22, 2025

  • 5.3

    MEDIUM
    CVE-2024-7068

    A vulnerability classified as problematic has been found in SourceCodester Insurance Management System 1.0. This affects an unknown part of the file /Script/admin/core/update_sub_category. The manipulation of the argument name leads to cross site scriptin... Read more

    • Published: Jul. 24, 2024
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2024-7916

    A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php of the component Add Nominee Page. The manipulation of t... Read more

    • Published: Aug. 18, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293566 Results