Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2024-54285

    Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.6

    HIGH
    CVE-2024-54284

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.6

    HIGH
    CVE-2024-54283

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-54280

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit allows SQL Injection.This issue affects WPBookit: from n/a through 1.6.0.... Read more

    Affected Products : wpbookit wpbookit
    • Published: Dec. 16, 2024
    • Modified: Jun. 27, 2025

  • 7.5

    HIGH
    CVE-2024-54279

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPNERD WP-NERD Toolkit.This issue affects WP-NERD Toolkit: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54257

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molefed allows Reflected XSS.This issue affects tydskrif: from n/a through 1.1.3.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54249

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jules Colle Advanced Options Editor allows Reflected XSS.This issue affects Advanced Options Editor: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-54229

    Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through 2.0.02.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-43234

    Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice allows Authentication Bypass.This issue affects Woffice: from n/a through 5.4.14.... Read more

    Affected Products : woffice
    • Published: Dec. 16, 2024
    • Modified: Aug. 08, 2025

  • 6.8

    MEDIUM
    CVE-2024-12654

    A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer derefere... Read more

    Affected Products : usb_over_network
    • Published: Dec. 16, 2024
    • Modified: Dec. 18, 2024

  • 6.8

    MEDIUM
    CVE-2024-12653

    A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Local access... Read more

    Affected Products : usb_over_network
    • Published: Dec. 16, 2024
    • Modified: Dec. 18, 2024

  • 7.1

    HIGH
    CVE-2024-56015

    Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This issue affects Tidy Up: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 8.8

    HIGH
    CVE-2024-56013

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Wovax, LLC. Wovax IDX allows Authentication Bypass.This issue affects Wovax IDX: from n/a through 1.2.2.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-56012

    Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive), Pearlbells Post Title (TypeWriter) allows Privilege Escalation.This issue affects Flash News / Post (Responsive): from n/a through 4.1; Post Title (TypeWriter): ... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Jan. 27, 2025

  • 6.5

    MEDIUM
    CVE-2024-56011

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilja Zaglov | IMBAA GmbH Responsive Google Maps | by imbaa allows Stored XSS.This issue affects Responsive Google Maps | by imbaa: from n/a through 1.2.5... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 5.3

    MEDIUM
    CVE-2024-56009

    Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 4.3

    MEDIUM
    CVE-2024-56007

    Missing Authorization vulnerability in Ram Segev Leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through 2.6.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 6.5

    MEDIUM
    CVE-2024-56005

    Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through 3.10.3.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 5.4

    MEDIUM
    CVE-2024-56004

    Missing Authorization vulnerability in Alex W Fowler Easy Site Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Site Importer: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 6.5

    MEDIUM
    CVE-2024-56001

    Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ksher: from n/a through 1.1.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024
Showing 20 of 292714 Results