Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-20496

    In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-20495

    In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-20491

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-20488

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-20487

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2022-20486

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 8.0

    HIGH
    CVE-2024-57536

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.3

    MEDIUM
    CVE-2024-57537

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-57538

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 8.2

    HIGH
    CVE-2024-57539

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2024-57540

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57541

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2024-57542

    Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-57543

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57544

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57545

    Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.... Read more

    Affected Products : e8450_firmware e8450
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2023-51317

    PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.... Read more

    Affected Products : restaurant_booking_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.2

    HIGH
    CVE-2024-44724

    AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parameter at /admin/site_add.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value.... Read more

    Affected Products : autocms
    • Published: Sep. 09, 2024
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2024-44725

    AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php.... Read more

    Affected Products : autocms
    • Published: Sep. 09, 2024
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2023-51318

    PHPJabbers Bus Reservation System v1.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters.... Read more

    Affected Products : bus_reservation_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 293613 Results