Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2024-8667

    The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized post publication due to a missing capability check on the activateCampaign() function in all versions up to, and includ... Read more

    Affected Products : hurrytimer
    • Published: Oct. 24, 2024
    • Modified: Oct. 25, 2024

  • 7.5

    HIGH
    CVE-2024-6049

    The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (triple dot) path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating sys... Read more

    Affected Products :
    • Published: Oct. 24, 2024
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2024-9865

    The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ep_booking_attendee_fields’ fields in all versions up to, and including, 4.0.4.7 due to insufficient input sanitization and o... Read more

    Affected Products : eventprime
    • Published: Oct. 24, 2024
    • Modified: Jan. 15, 2025

  • 6.1

    MEDIUM
    CVE-2024-9864

    The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket names in all versions up to, and including, 4.0.4.7 due to insufficient input sanitization and output escaping. This makes ... Read more

    Affected Products : eventprime
    • Published: Oct. 24, 2024
    • Modified: Jan. 15, 2025

  • 5.3

    MEDIUM
    CVE-2024-40595

    An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by ... Read more

    Affected Products :
    • Published: Oct. 24, 2024
    • Modified: Oct. 25, 2024

  • 6.1

    MEDIUM
    CVE-2024-9374

    The Terms descriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.4.6. This makes it possible for unauthenticated att... Read more

    Affected Products :
    • Published: Oct. 24, 2024
    • Modified: Oct. 25, 2024

  • 5.3

    MEDIUM
    CVE-2023-50355

    HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack.... Read more

    Affected Products : sametime
    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 4.3

    MEDIUM
    CVE-2024-48213

    RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.... Read more

    Affected Products : xinhu
    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 6.5

    MEDIUM
    CVE-2024-40432

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS.... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 8.8

    HIGH
    CVE-2024-40431

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 7.2

    HIGH
    CVE-2024-10301

    A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata l... Read more

    Affected Products : medical_card_generation_system
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 7.2

    HIGH
    CVE-2024-10300

    A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the ... Read more

    Affected Products : medical_card_generation_system
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 8.8

    HIGH
    CVE-2024-48964

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directo... Read more

    Affected Products : snyk_cli
    • Published: Oct. 23, 2024
    • Modified: Oct. 30, 2024

  • 9.8

    CRITICAL
    CVE-2024-48963

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory ... Read more

    Affected Products : snyk_cli
    • Published: Oct. 23, 2024
    • Modified: Oct. 30, 2024

  • 7.2

    HIGH
    CVE-2024-10299

    A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argume... Read more

    Affected Products : medical_card_generation_system
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 7.2

    HIGH
    CVE-2024-10298

    A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argumen... Read more

    Affected Products : medical_card_generation_system
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 5.8

    MEDIUM
    CVE-2024-9949

    Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application.... Read more

    Affected Products : secureconnector
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 5.3

    MEDIUM
    CVE-2024-20526

    A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a ... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 8.6

    HIGH
    CVE-2024-20495

    A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 15, 2025

  • 8.6

    HIGH
    CVE-2024-20494

    A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulti... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025
Showing 20 of 294522 Results