Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-44838

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-44839

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-45771

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 5.3

    MEDIUM
    CVE-2023-51320

    PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in Sys... Read more

    Affected Products : night_club_booking_software
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2024-41375

    ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php... Read more

    Affected Products : icecoder
    • Published: Jul. 26, 2024
    • Modified: Apr. 22, 2025

  • 6.5

    MEDIUM
    CVE-2023-51321

    A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of genera... Read more

    Affected Products : night_club_booking_software
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2024-41374

    ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php... Read more

    Affected Products : icecoder
    • Published: Jul. 26, 2024
    • Modified: Apr. 22, 2025

  • 6.3

    MEDIUM
    CVE-2024-41373

    ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php.... Read more

    Affected Products : icecoder
    • Published: Jul. 26, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20130

    In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: M... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +20 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20131

    In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issu... Read more

    Affected Products : nr16 nr17 mt6789 mt6813 mt6835 mt6855 mt6878 mt6879 mt6886 mt6895 +23 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20133

    In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issu... Read more

    Affected Products : nr16 mt6879 mt6886 mt6895 mt6895t mt6896 mt6980 mt6983 mt8673 mt8798 +2 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20134

    In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV... Read more

    Affected Products : android mt6835 mt6878 mt6879 mt6895 mt6896 mt6897 mt6985 mt6989 mt6983 +4 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20135

    In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issu... Read more

    Affected Products : android mt6781 mt6833 mt6853 mt6877 mt6878 mt6893 mt6897 mt6989 mt6768 +3 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.2

    MEDIUM
    CVE-2024-20136

    In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID:... Read more

    Affected Products : android openwrt rdk-b mt6781 mt6789 mt6855 mt6878 mt6879 mt6880 mt6886 +22 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20119

    In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062301; Issue ID: ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +10 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.5

    MEDIUM
    CVE-2023-51323

    A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Shared Asset Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of genera... Read more

    Affected Products : shared_asset_booking_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Denial of Service

  • 6.7

    MEDIUM
    CVE-2024-20120

    In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6855 mt6879 mt6886 mt6893 mt6989 mt8791t +19 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20121

    In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6855 mt6879 mt6886 mt6893 mt6989 mt8791t +19 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20122

    In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: M... Read more

    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20123

    In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: M... Read more

    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293414 Results