Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-20036

    Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Denial of Service

  • 8.2

    HIGH
    CVE-2024-7085

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Solutions Business Manager (SBM) allows Stored XSS.  The vulnerability could result in the exposure of private information to an unauth... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.8

    MEDIUM
    CVE-2024-57025

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2024-57024

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eMinute" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2024-57023

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57022

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57021

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57020

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57019

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57018

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57017

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57016

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57015

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57014

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57013

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57012

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57011

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Injection

  • 5.1

    MEDIUM
    CVE-2024-52783

    Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code via modification of the configuration file.... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2024-50954

    The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a speci... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-50953

    An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message.... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291258 Results