Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-12978

    A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. This vulnerability affects the function add_req of the file /_parse/_all_edits.php. The manipulation of the argument jid/limit leads to sql injection. The atta... Read more

    Affected Products : job_recruitment
    • Published: Dec. 27, 2024
    • Modified: Feb. 18, 2025

  • 6.5

    MEDIUM
    CVE-2024-9774

    A vulnerability was found in python-sql where unary operators do not escape non-Expression.... Read more

    Affected Products :
    • Published: Dec. 27, 2024
    • Modified: Feb. 07, 2025

  • 9.8

    CRITICAL
    CVE-2024-12977

    A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/state.php. The manipulation of the argument state leads to sql injection. It is possible to initiat... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 27, 2024
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-12976

    A vulnerability, which was classified as critical, has been found in CodeZips Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /staff.php. The manipulation of the argument tel leads to sql injection. The att... Read more

    • Published: Dec. 27, 2024
    • Modified: Jun. 09, 2025

  • 9.8

    CRITICAL
    CVE-2024-12969

    A vulnerability, which was classified as critical, has been found in code-projects Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument u... Read more

    • Published: Dec. 26, 2024
    • Modified: Mar. 28, 2025

  • 5.3

    MEDIUM
    CVE-2024-56361

    LGSL (Live Game Server List) provides online status for games. Before 7.0.0, a stored cross-site scripting (XSS) vulnerability was identified in lgsl. The function lgsl_query_40 in lgsl_protocol.php has implemented an HTTP crawler. This function makes a r... Read more

    Affected Products :
    • Published: Dec. 26, 2024
    • Modified: Dec. 27, 2024

  • 8.6

    HIGH
    CVE-2024-55950

    Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerab... Read more

    Affected Products :
    • Published: Dec. 26, 2024
    • Modified: Dec. 27, 2024

  • 8.2

    HIGH
    CVE-2024-53850

    The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists (by n... Read more

    Affected Products : addressing
    • Published: Dec. 26, 2024
    • Modified: Dec. 26, 2024

  • 4.3

    MEDIUM
    CVE-2024-45805

    OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate acces... Read more

    Affected Products : opencti
    • Published: Dec. 26, 2024
    • Modified: May. 22, 2025

  • 7.7

    HIGH
    CVE-2024-45600

    Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to 1.21.13, an authenticated user can perform a SQL injection when the plugin is active. The vulnerability is fixed in 1.21.13.... Read more

    Affected Products : fields
    • Published: Dec. 26, 2024
    • Modified: Dec. 26, 2024

  • 9.8

    CRITICAL
    CVE-2024-12968

    A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. Affected by this vulnerability is the function edit_jobpost of the file /_parse/_all_edits.php. The manipulation of the argument jobtype leads to sql injection. The att... Read more

    Affected Products : job_recruitment job_recruitment
    • Published: Dec. 26, 2024
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-12967

    A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to sql injection. It is possible to laun... Read more

    Affected Products : job_recruitment job_recruitment
    • Published: Dec. 26, 2024
    • Modified: Apr. 03, 2025

  • 5.3

    MEDIUM
    CVE-2024-56510

    @marp-team/marp-core is the core for Marp, which is the ecosystem to write your presentation with plain Markdown. Marp Core from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting (XSS) due to improper neutralization of HTML sanitization.... Read more

    Affected Products :
    • Published: Dec. 26, 2024
    • Modified: Dec. 26, 2024

  • 9.8

    CRITICAL
    CVE-2024-12966

    A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function cn_update of the file /_parse/_all_edits.php. The manipulation of the argument cname/url leads to sql injection. The attack may ... Read more

    Affected Products : job_recruitment job_recruitment
    • Published: Dec. 26, 2024
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-12965

    A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /update_ex_detail.php. The manipulation of the argument q leads to sql injection. The att... Read more

    Affected Products : portfolio_management_system_mca
    • Published: Dec. 26, 2024
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2024-12964

    A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument user leads to sql injection. It is possible to i... Read more

    • Published: Dec. 26, 2024
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2024-12963

    A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this issue is the function add_xp of the file /_parse/_all_edits.php. The manipulation of the argument job_company leads to sql injection. The attack ma... Read more

    Affected Products : job_recruitment job_recruitment
    • Published: Dec. 26, 2024
    • Modified: Apr. 03, 2025

  • 8.8

    HIGH
    CVE-2024-54907

    TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.... Read more

    Affected Products : a3002r_firmware a3002r
    • Published: Dec. 26, 2024
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2024-12962

    A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /_parse/_all_edits.php. The manipulation of the argument skillset leads to sql injection... Read more

    Affected Products : job_recruitment
    • Published: Dec. 26, 2024
    • Modified: Feb. 18, 2025

  • 9.8

    CRITICAL
    CVE-2024-12961

    A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /update_ach_details.php. The manipulation of the argument q leads to sql injection. It is possib... Read more

    Affected Products : portfolio_management_system_mca
    • Published: Dec. 26, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293509 Results