Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-13077

    A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argument Land Subtype leads to cross site scripting. It is p... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13076

    A vulnerability, which was classified as problematic, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/edit-propertytype.php. The manipulation of the argument Property Type leads to cross s... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13075

    A vulnerability classified as problematic was found in PHPGurukul Land Record System 1.0. This vulnerability affects unknown code of the file /admin/add-propertytype.php. The manipulation of the argument Land Property Type leads to cross site scripting. T... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 7.3

    HIGH
    CVE-2024-55955

    An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first ... Read more

    Affected Products : windows deep_security_agent
    • Published: Dec. 31, 2024
    • Modified: Sep. 09, 2025

  • 7.8

    HIGH
    CVE-2024-55917

    An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system i... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 7.8

    HIGH
    CVE-2024-55632

    A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target sys... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 7.8

    HIGH
    CVE-2024-55631

    An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 5.4

    MEDIUM
    CVE-2024-13074

    A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the a... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Apr. 03, 2025

  • 8.7

    HIGH
    CVE-2024-56802

    Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2.... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 9.3

    CRITICAL
    CVE-2024-56198

    path-sanitizer is a simple lightweight npm package for sanitizing paths to prevent Path Traversal. Prior to 3.1.0, the filters can be bypassed using .=%5c which results in a path traversal. This vulnerability is fixed in 3.1.0.... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 6.5

    MEDIUM
    CVE-2024-53647

    Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.... Read more

    Affected Products : idsecurity
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 7.8

    HIGH
    CVE-2024-52050

    A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 7.8

    HIGH
    CVE-2024-52049

    A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first o... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 7.8

    HIGH
    CVE-2024-52048

    A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049. Please note: an attacker must first o... Read more

    Affected Products : apexone_op apexone_saas
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 8.8

    HIGH
    CVE-2024-52047

    A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target s... Read more

    Affected Products : apex_one
    • Published: Dec. 31, 2024
    • Modified: Jul. 29, 2025

  • 8.8

    HIGH
    CVE-2024-25133

    A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Feb. 06, 2025

  • 9.8

    CRITICAL
    CVE-2024-13072

    A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add-customer-services.php of the component Customer Detail Handler. The... Read more

    Affected Products : beauty_parlour_management_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 8.8

    HIGH
    CVE-2024-13070

    A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/update_users.php of the component Update User Page. The manipulation of... Read more

    Affected Products : online_food_ordering_system
    • Published: Dec. 31, 2024
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2023-6603

    A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 31, 2024
    • Modified: Aug. 21, 2025

  • 5.3

    MEDIUM
    CVE-2023-6602

    A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 31, 2024
    • Modified: Jun. 20, 2025
Showing 20 of 293616 Results