Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2024-53783

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 5.3

    MEDIUM
    CVE-2024-53768

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE Interactive Content Audit Exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 9.8

    CRITICAL
    CVE-2024-53739

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elemen... Read more

    • Published: Nov. 30, 2024
    • Modified: Mar. 19, 2025

  • 4.4

    MEDIUM
    CVE-2024-53738

    Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Server Side Request Forgery.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.8.... Read more

    Affected Products : asset_cleanup
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-12002

    A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads t... Read more

    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 5.4

    MEDIUM
    CVE-2024-12001

    A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to ... Read more

    Affected Products : wazifa_system
    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 5.4

    MEDIUM
    CVE-2024-12000

    A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument f... Read more

    Affected Products : blood_bank_system blood_bank_system
    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 7.5

    HIGH
    CVE-2024-11998

    A vulnerability was found in code-projects Farmacia 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /visualizer-forneccedor.chp. The manipulation of the argument id leads to sql injection. The attack can be initi... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 30, 2024
    • Modified: Dec. 04, 2024

  • 5.4

    MEDIUM
    CVE-2024-11997

    A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file /vendas.php. The manipulation of the argument notaFiscal leads to cross site scripting. It is possible to initiate the... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 30, 2024
    • Modified: Dec. 04, 2024

  • 5.4

    MEDIUM
    CVE-2024-11996

    A vulnerability was found in code-projects Farmacia 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /editar-fornecedor.php. The manipulation of the argument cidade leads to cross site scripting. The atta... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 30, 2024
    • Modified: Dec. 04, 2024

  • 6.1

    MEDIUM
    CVE-2024-11252

    The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.69 due to insufficient input sanitization and output esc... Read more

    Affected Products : sassy_social_share
    • Published: Nov. 30, 2024
    • Modified: Jul. 09, 2025

  • 8.1

    HIGH
    CVE-2024-43703

    Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.... Read more

    Affected Products : ddk
    • Published: Nov. 30, 2024
    • Modified: Dec. 01, 2024

  • 8.1

    HIGH
    CVE-2024-43702

    Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.... Read more

    Affected Products : ddk
    • Published: Nov. 30, 2024
    • Modified: Dec. 01, 2024

  • 7.5

    HIGH
    CVE-2024-53623

    Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information.... Read more

    Affected Products : archer_c7_firmware
    • Published: Nov. 29, 2024
    • Modified: Dec. 02, 2024

  • 4.1

    MEDIUM
    CVE-2024-54159

    stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.... Read more

    Affected Products :
    • Published: Nov. 29, 2024
    • Modified: Dec. 03, 2024

  • 6.1

    MEDIUM
    CVE-2024-11995

    A vulnerability has been found in code-projects Farmacia 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /pagamento.php. The manipulation of the argument total leads to cross site scripting. The at... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 29, 2024
    • Modified: Dec. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-53507

    A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems.... Read more

    Affected Products : siyuan
    • Published: Nov. 29, 2024
    • Modified: Apr. 14, 2025

  • 9.8

    CRITICAL
    CVE-2024-53506

    A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.... Read more

    Affected Products : siyuan
    • Published: Nov. 29, 2024
    • Modified: Apr. 14, 2025

  • 9.8

    CRITICAL
    CVE-2024-53505

    A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent.... Read more

    Affected Products : siyuan
    • Published: Nov. 29, 2024
    • Modified: Apr. 14, 2025

  • 9.8

    CRITICAL
    CVE-2024-53504

    A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory.... Read more

    Affected Products : siyuan
    • Published: Nov. 29, 2024
    • Modified: Apr. 14, 2025
Showing 20 of 291520 Results