Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-50608

    An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Conte... Read more

    Affected Products : fluent_bit
    • Published: Feb. 18, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Denial of Service

  • 10.0

    HIGH
    CVE-2013-4811

    UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp ... Read more

    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2013-4812

    UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp fi... Read more

    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-27333

    idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the install.lock file, resulting in a reset of the CMS settings and data.... Read more

    Affected Products : idccms idccms
    • Published: Mar. 21, 2022
    • Modified: Apr. 22, 2025

  • 4.8

    MEDIUM
    CVE-2022-31913

    Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2021-33371

    A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.... Read more

    • Published: Jul. 28, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2021-45003

    Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.... Read more

    • Published: Jan. 10, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2023-3008

    A vulnerability classified as critical has been found in ningzichun Student Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument user/pass leads to sql injection. It is possible to initiate the attack... Read more

    • Published: May. 31, 2023
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2023-3007

    A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argum... Read more

    • Published: May. 31, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3149

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is pos... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3145

    A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0. Affected by this issue is some unknown functionality of the file classes\Users.php?f=registration. The manipulation of the argument usern... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3146

    A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\categories\manage_category.php. The manipulation of the argument id leads to sql injection. It ... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-31295

    An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2023-3143

    A vulnerability classified as problematic has been found in SourceCodester Online Discussion Forum Site 1.0. Affected is an unknown function of the file admin\posts\manage_post.php. The manipulation of the argument content leads to cross site scripting. I... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3147

    A vulnerability has been found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin\categories\view_category.php. The manipulation of the argument id leads to sql injectio... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3148

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This issue affects some unknown processing of the file admin\posts\manage_post.php. The manipulation of the argument id leads to sql injection. The at... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2020-23935

    Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".... Read more

    • Published: Aug. 20, 2020
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-29309

    mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.... Read more

    Affected Products : mysiteforme mysiteforme
    • Published: May. 24, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3151

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file user\manage_user.php. The manipulation of the argument id leads to sql injection.... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2022-31911

    Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025
Showing 20 of 293698 Results