Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-46908

    In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.... Read more

    Affected Products : whatsup_gold
    • Published: Dec. 02, 2024
    • Modified: Dec. 10, 2024

  • 8.8

    HIGH
    CVE-2024-46907

    In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.... Read more

    Affected Products : whatsup_gold
    • Published: Dec. 02, 2024
    • Modified: Dec. 10, 2024

  • 8.8

    HIGH
    CVE-2024-46906

    In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.... Read more

    Affected Products : whatsup_gold
    • Published: Dec. 02, 2024
    • Modified: Dec. 06, 2024

  • 8.8

    HIGH
    CVE-2024-46905

    In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.... Read more

    Affected Products : whatsup_gold
    • Published: Dec. 02, 2024
    • Modified: Dec. 03, 2024

  • 4.8

    MEDIUM
    CVE-2024-38827

    The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Jan. 24, 2025

  • 7.5

    HIGH
    CVE-2024-31669

    rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide.... Read more

    Affected Products : rizin
    • Published: Dec. 02, 2024
    • Modified: Jul. 02, 2025

  • 7.8

    HIGH
    CVE-2024-29645

    Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.... Read more

    Affected Products : radare2
    • Published: Dec. 02, 2024
    • Modified: Jul. 01, 2025

  • 10.0

    CRITICAL
    CVE-2024-10905

    IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow HTTP/HTTPS access to static content in the IdentityIQ appl... Read more

    Affected Products : identityiq
    • Published: Dec. 02, 2024
    • Modified: Dec. 06, 2024

  • 8.2

    HIGH
    CVE-2024-53793

    Cross-Site Request Forgery (CSRF) vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 8.8

    HIGH
    CVE-2024-53792

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiboko Labs Watu Quiz allows SQL Injection.This issue affects Watu Quiz: from n/a through 3.4.2.... Read more

    Affected Products : watu_quiz
    • Published: Dec. 02, 2024
    • Modified: Jul. 17, 2025

  • 7.1

    HIGH
    CVE-2024-53789

    Cross-Site Request Forgery (CSRF) vulnerability in Ritesh Sanap Advanced What should we write next about allows Stored XSS.This issue affects Advanced What should we write next about: from n/a through 1.0.3.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 4.3

    MEDIUM
    CVE-2024-53784

    Missing Authorization vulnerability in E-goi Smart Marketing SMS and Newsletters Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Marketing SMS and Newsletters Forms: from n/a through 5.0.9.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53782

    Cross-Site Request Forgery (CSRF) vulnerability in CMSaccount Photo Video Store allows Cross-Site Scripting (XSS).This issue affects Photo Video Store: from n/a through 21.07.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53781

    Cross-Site Request Forgery (CSRF) vulnerability in Home Junction SpatialMatch IDX allows Stored XSS.This issue affects SpatialMatch IDX: from n/a through 3.0.9.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53780

    Cross-Site Request Forgery (CSRF) vulnerability in Rajeev Chauhan Load More Posts allows Stored XSS.This issue affects Load More Posts: from n/a through 1.4.0.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53779

    Cross-Site Request Forgery (CSRF) vulnerability in Max Engel Yahoo! WebPlayer allows Stored XSS.This issue affects Yahoo! WebPlayer: from n/a through 2.0.6.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53777

    Cross-Site Request Forgery (CSRF) vulnerability in Alberto Reineri Simple Header and Footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53776

    Cross-Site Request Forgery (CSRF) vulnerability in Raphael Heide Donate Me allows Stored XSS.This issue affects Donate Me: from n/a through 1.2.5.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 4.3

    MEDIUM
    CVE-2024-53775

    Cross-Site Request Forgery (CSRF) vulnerability in TannerRitchie Web Applications/DancePress DancePress (TRWA) allows Cross Site Request Forgery.This issue affects DancePress (TRWA): from n/a through 3.1.11.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-53770

    Cross-Site Request Forgery (CSRF) vulnerability in Peter MacIntyre RingCentral Communications allows Stored XSS.This issue affects RingCentral Communications: from n/a through 1.6.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024
Showing 20 of 291712 Results