Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.0

    HIGH
    CVE-2024-57536

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.3

    MEDIUM
    CVE-2024-57537

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-57538

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 8.2

    HIGH
    CVE-2024-57539

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2024-57540

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57541

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2024-57542

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-57543

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57544

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57545

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2023-51317

    PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.... Read more

    Affected Products : restaurant_booking_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.2

    HIGH
    CVE-2024-44724

    AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parameter at /admin/site_add.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value.... Read more

    Affected Products : autocms
    • Published: Sep. 09, 2024
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2024-44725

    AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php.... Read more

    Affected Products : autocms
    • Published: Sep. 09, 2024
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2023-51318

    PHPJabbers Bus Reservation System v1.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters.... Read more

    Affected Products : bus_reservation_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2023-51319

    PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System O... Read more

    Affected Products : bus_reservation_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2024-44838

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-44839

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-45771

    RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php.... Read more

    Affected Products : rapidcms
    • Published: Sep. 06, 2024
    • Modified: Apr. 22, 2025

  • 5.3

    MEDIUM
    CVE-2023-51320

    PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in Sys... Read more

    Affected Products : night_club_booking_software
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2024-41375

    ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php... Read more

    Affected Products : icecoder
    • Published: Jul. 26, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293428 Results