Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-12488

    A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/subject_update.php. The manipulation of the argument id leads to sql... Read more

    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 8.8

    HIGH
    CVE-2024-12487

    A vulnerability has been found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/room_update.php. The manipulation of the argument id lead... Read more

    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 8.8

    HIGH
    CVE-2024-12486

    A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file /pages/rank_update.php. The manipulation of the argument id leads to sql injection. It i... Read more

    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 8.8

    HIGH
    CVE-2024-12485

    A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0. This issue affects some unknown processing of the file /pages/department.php. The manipulation of the argument id leads to sql ... Read more

    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-12484

    A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0. This vulnerability affects unknown code of the file /signuppost.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated... Read more

    Affected Products : technical_discussion_forum
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 6.3

    MEDIUM
    CVE-2024-12483

    A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to authorization bypass. It is possible to initiate the atta... Read more

    Affected Products : ujcms
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 5.3

    MEDIUM
    CVE-2024-12482

    A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the com... Read more

    Affected Products : wetech-cms
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-12481

    A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\UserDao.java. The manipulation ... Read more

    Affected Products : wetech-cms
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-12480

    A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical. Affected is the function searchTopic of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\TopicDao.java. The manipulation of the argument ... Read more

    Affected Products : wetech-cms
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-12479

    A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical. This issue affects the function searchTopicByKeyword of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\TopicDao.java. The manipulation of the ar... Read more

    Affected Products : wetech-cms
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-12382

    Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : chrome edge_chromium
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-12381

    Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : chrome edge_chromium
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-11950

    XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit ... Read more

    Affected Products : xnview
    • Published: Dec. 12, 2024
    • Modified: Aug. 15, 2025

  • 8.8

    HIGH
    CVE-2024-11949

    GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit this vu... Read more

    Affected Products : archiver
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-11948

    GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific fl... Read more

    Affected Products : archiver
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-11947

    GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit this vul... Read more

    Affected Products : archiver
    • Published: Dec. 12, 2024
    • Modified: Dec. 13, 2024

  • 7.8

    HIGH
    CVE-2024-11872

    Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. An attacker must first obtain the ability to exe... Read more

    Affected Products : launcher
    • Published: Dec. 12, 2024
    • Modified: Aug. 15, 2025

  • 7.8

    HIGH
    CVE-2024-9845

    Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.... Read more

    Affected Products : automation
    • Published: Dec. 11, 2024
    • Modified: Dec. 13, 2024

  • 7.8

    HIGH
    CVE-2024-8496

    Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.... Read more

    Affected Products : workspace_control
    • Published: Dec. 11, 2024
    • Modified: Dec. 13, 2024

  • 8.1

    HIGH
    CVE-2024-48912

    GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.17, an authenticated user can use an application endpoint to delete any user account. Version 10.0.17 contains a patch for this issue.... Read more

    Affected Products : glpi
    • Published: Dec. 11, 2024
    • Modified: Jan. 10, 2025
Showing 20 of 292238 Results