Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2024-23347

    Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the application....

    Affected Products : meta_spark_studio
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.1

    MEDIUM
    CVE-2024-22714

    Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content....

    Affected Products : stupid_simple_cms
    • Published: Jan. 17, 2024
    • Modified: Jun. 20, 2025
  • 7.2

    HIGH
    CVE-2024-22627

    Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_distributor.php?id=....

    Affected Products : supplier_management_system
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 7.5

    HIGH
    CVE-2024-22362

    Drupal contains a vulnerability with improper handling of structural elements. If this vulnerability is exploited, an attacker may be able to cause a denial-of-service (DoS) condition....

    Affected Products : drupal
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.5

    MEDIUM
    CVE-2024-20985

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mu...

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 4.9

    MEDIUM
    CVE-2024-20983

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to ...

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 4.9

    MEDIUM
    CVE-2024-20981

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m...

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 4.9

    MEDIUM
    CVE-2024-20965

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.5

    MEDIUM
    CVE-2024-20961

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access ...

    Affected Products : mysql oncommand_insight mysql_server
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 5.4

    MEDIUM
    CVE-2024-20944

    Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

    Affected Products : isupport
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.1

    MEDIUM
    CVE-2024-20942

    Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Supported versions that are affected are 11.5, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with ne...

    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.1

    MEDIUM
    CVE-2024-20940

    Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker wit...

    Affected Products : knowledge_management
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.1

    MEDIUM
    CVE-2024-20934

    Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

    Affected Products : installed_base
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 3.8

    LOW
    CVE-2024-20920

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris ex...

    Affected Products : solaris solaris
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 7.4

    HIGH
    CVE-2024-20918

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle Gra...

    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 8.3

    HIGH
    CVE-2024-20916

    Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). The supported version that is affected is 13.5.0.0. Easily exploitable vulnerability allows high privileged attacker with ac...

    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 5.3

    MEDIUM
    CVE-2024-0236

    The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for exam...

    Affected Products : eventon
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 5.3

    MEDIUM
    CVE-2024-0235

    The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog...

    Affected Products : eventon
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 6.1

    MEDIUM
    CVE-2024-0233

    The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege use...

    Affected Products : eventon
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
  • 5.4

    MEDIUM
    CVE-2023-7084

    The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks...

    Affected Products : voting_record
    • Published: Jan. 16, 2024
    • Modified: Jun. 20, 2025
Showing 20 of 293613 Results