Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2024-12247

    Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 6.1

    MEDIUM
    CVE-2024-12232

    A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. ... Read more

    Affected Products : simple_crud_functionality
    • Published: Dec. 05, 2024
    • Modified: Feb. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-12231

    A vulnerability, which was classified as critical, was found in CodeZips Project Management System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the atta... Read more

    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 5.9

    MEDIUM
    CVE-2024-10716

    Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search.... Read more

    Affected Products : infinity
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-12230

    A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sq... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 05, 2024
    • Modified: Dec. 10, 2024

  • 9.8

    CRITICAL
    CVE-2024-12229

    A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql inject... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 05, 2024
    • Modified: Dec. 10, 2024

  • 5.9

    MEDIUM
    CVE-2024-11942

    A vulnerability in Drupal Core allows File Manipulation.This issue affects Drupal Core: from 10.0.0 before 10.2.10.... Read more

    Affected Products : drupal
    • Published: Dec. 05, 2024
    • Modified: Jun. 02, 2025

  • 7.5

    HIGH
    CVE-2024-11941

    A vulnerability in Drupal Core allows Excessive Allocation.This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8.... Read more

    Affected Products : drupal
    • Published: Dec. 05, 2024
    • Modified: Jun. 02, 2025

  • 4.3

    MEDIUM
    CVE-2024-54679

    CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 06, 2024

  • 8.1

    HIGH
    CVE-2024-53703

    A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.... Read more

    Affected Products : sma100_firmware
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 5.3

    MEDIUM
    CVE-2024-53702

    Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.... Read more

    Affected Products : sma100_firmware
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 8.2

    HIGH
    CVE-2024-52271

    User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): ... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 6.3

    MEDIUM
    CVE-2024-45319

    A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.... Read more

    Affected Products : sma100_firmware
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 8.1

    HIGH
    CVE-2024-45318

    A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.... Read more

    Affected Products : sma100_firmware
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.5

    HIGH
    CVE-2024-40763

    Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution.... Read more

    Affected Products : sma100_firmware
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-12228

    A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. It is possible to laun... Read more

    Affected Products : complaint_management_system
    • Published: Dec. 05, 2024
    • Modified: Dec. 10, 2024

  • 6.8

    MEDIUM
    CVE-2024-12227

    A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereferenc... Read more

    Affected Products : dragon_center
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.9

    CRITICAL
    CVE-2024-6784

    Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.0... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 9.3

    CRITICAL
    CVE-2024-6516

    Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.6

    CRITICAL
    CVE-2024-6515

    Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024
Showing 20 of 291902 Results