Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-45235

    An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field.... Read more

    Affected Products : fort_validator
    • Published: Aug. 24, 2024
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2024-45238

    An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. Open... Read more

    Affected Products : fort_validator
    • Published: Aug. 24, 2024
    • Modified: Apr. 22, 2025

  • 5.3

    MEDIUM
    CVE-2024-56169

    A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields inc... Read more

    Affected Products : fort_validator
    • Published: Dec. 18, 2024
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2024-33307

    SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.... Read more

    Affected Products : laboratory_management_system
    • Published: May. 01, 2024
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2025-3131

    Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, fr... Read more

    Affected Products : eca\
    • Published: Apr. 09, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 5.3

    MEDIUM
    CVE-2024-33302

    SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users.... Read more

    • Published: May. 02, 2024
    • Modified: Apr. 22, 2025

  • 8.2

    HIGH
    CVE-2024-33303

    SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users.... Read more

    • Published: May. 02, 2024
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2024-23910

    Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. ... Read more

    • Published: Feb. 28, 2024
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2023-52490

    In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointe... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-51696

    Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20. ... Read more

    • Published: Feb. 29, 2024
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2022-46343

    A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is runn... Read more

    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2022-46342

    A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se... Read more

    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2022-46341

    A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems w... Read more

    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2022-46340

    A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput req... Read more

    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2022-46256

    A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the... Read more

    Affected Products : enterprise_server
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-46255

    An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new conten... Read more

    Affected Products : enterprise_server
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-43724

    A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xp_cmdshell feature unauthenticated remote... Read more

    Affected Products : sicam_pas\/pqs
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-43723

    A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated... Read more

    Affected Products : sicam_pas\/pqs
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-43722

    A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SY... Read more

    Affected Products : sicam_pas\/pqs
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-42796

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Nov. 01, 2022
    • Modified: Apr. 22, 2025
Showing 20 of 293628 Results