Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2024-57024

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eMinute" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 6.8

    MEDIUM
    CVE-2024-57023

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57022

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57021

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57020

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57019

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57018

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57017

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57016

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAccountCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57015

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57014

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57013

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57012

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2024-57011

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Jan. 15, 2025
    • Modified: Mar. 17, 2025
    • Vuln Type: Injection

  • 5.1

    MEDIUM
    CVE-2024-52783

    Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code via modification of the configuration file.... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Feb. 03, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2024-50954

    The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a speci... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-50953

    An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message.... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2020-8094

    An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.... Read more

    Affected Products : antivirus_2020
    • Published: Jan. 15, 2025
    • Modified: Feb. 07, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-22968

    An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions... Read more

    Affected Products : dwr-m972v_firmware dwr-m972v
    • Published: Jan. 15, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Authentication

  • 8.5

    HIGH
    CVE-2025-22799

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vertim Coders Neon Product Designer allows SQL Injection.This issue affects Neon Product Designer: from n/a through 2.1.1.... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Injection
Showing 20 of 291335 Results