Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2024-56714

    In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more than once, so let's be sure we're checking for that. Th... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Dec. 29, 2024

  • 0.0

    NA
    CVE-2024-56713

    In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsim_pp_hold_write() nsim_pp_hold_write() has two problems: 1) It may return with rtnl held, as found by syzbot. 2) Its return value does not propagate an error if... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Dec. 29, 2024

  • 5.5

    MEDIUM
    CVE-2024-56712

    In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been creat... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Apr. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-56711

    In the Linux kernel, the following vulnerability has been resolved: drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference drm_mode_duplicate() could return NULL due to lack of memory, which will then call NULL pointer dereference. Ad... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-56710

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. T... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Apr. 17, 2025

  • 0.0

    NA
    CVE-2024-56709

    In the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, whether it's the final task_work run or the fallback pat... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Dec. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-13007

    A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the att... Read more

    Affected Products : event_management_system
    • Published: Dec. 29, 2024
    • Modified: Feb. 25, 2025

  • 9.8

    CRITICAL
    CVE-2024-13006

    A vulnerability, which was classified as critical, has been found in 1000 Projects Human Resource Management System 1.0. This issue affects some unknown processing of the file /employeeview.php. The manipulation of the argument search leads to sql injecti... Read more

    Affected Products : human_resource_management_system
    • Published: Dec. 29, 2024
    • Modified: Dec. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-13005

    A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/attendance_action.php. The manipulation of the argument attendance_id leads to sql inje... Read more

    • Published: Dec. 29, 2024
    • Modified: Mar. 05, 2025

  • 5.3

    MEDIUM
    CVE-2024-56738

    GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.... Read more

    Affected Products : grub2
    • Published: Dec. 29, 2024
    • Modified: Jun. 24, 2025

  • 8.8

    HIGH
    CVE-2024-56737

    GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.... Read more

    Affected Products : grub2
    • Published: Dec. 29, 2024
    • Modified: Jun. 24, 2025

  • 9.8

    CRITICAL
    CVE-2024-13004

    A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/category.php. The manipulation of the argument state leads to sql injection. It is possible to initiate th... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 29, 2024
    • Modified: Dec. 29, 2024

  • 7.5

    HIGH
    CVE-2018-25107

    The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.... Read more

    Affected Products :
    • Published: Dec. 29, 2024
    • Modified: Dec. 31, 2024

  • 6.3

    MEDIUM
    CVE-2024-12238

    The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does ... Read more

    Affected Products : ninja_forms
    • Published: Dec. 29, 2024
    • Modified: Apr. 18, 2025

  • 9.8

    CRITICAL
    CVE-2024-13003

    A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. T... Read more

    Affected Products : portfolio_management_system_mca
    • Published: Dec. 29, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-13002

    A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /order_process.php. The manipulation of the argument fnm leads to sql inje... Read more

    Affected Products : bookstore_management_system
    • Published: Dec. 29, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-13001

    A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack rem... Read more

    Affected Products : small_crm
    • Published: Dec. 29, 2024
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-13000

    A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remo... Read more

    Affected Products : small_crm
    • Published: Dec. 29, 2024
    • Modified: Feb. 18, 2025

  • 9.8

    CRITICAL
    CVE-2024-12999

    A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remote... Read more

    Affected Products : small_crm
    • Published: Dec. 29, 2024
    • Modified: Feb. 18, 2025

  • 6.9

    MEDIUM
    CVE-2024-12998

    A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It i... Read more

    Affected Products : online_car_rental_system
    • Published: Dec. 28, 2024
    • Modified: Mar. 03, 2025
Showing 20 of 293617 Results