Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-10121

    A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../ leads to authorization bypass. The attack may be initia... Read more

    Affected Products : radar
    • Published: Oct. 18, 2024
    • Modified: Oct. 30, 2024

  • 8.3

    HIGH
    CVE-2024-9593

    The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allo... Read more

    Affected Products : time_clock
    • Published: Oct. 18, 2024
    • Modified: Oct. 29, 2024

  • 8.8

    HIGH
    CVE-2024-48016

    Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to inform... Read more

    Affected Products : secure_connect_gateway
    • Published: Oct. 18, 2024
    • Modified: Dec. 13, 2024

  • 8.1

    HIGH
    CVE-2024-47241

    Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access an... Read more

    Affected Products : secure_connect_gateway
    • Published: Oct. 18, 2024
    • Modified: Dec. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-10120

    A vulnerability has been found in wfh45678 Radar up to 1.0.8 and classified as critical. This vulnerability affects unknown code of the file /services/v1/common/upload. The manipulation of the argument file leads to unrestricted upload. The attack can be ... Read more

    Affected Products : radar
    • Published: Oct. 18, 2024
    • Modified: Oct. 30, 2024

  • 7.8

    HIGH
    CVE-2023-6080

    Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.... Read more

    Affected Products : systrack_lsiagent
    • Published: Oct. 18, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-42508

    This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.... Read more

    Affected Products : oneview
    • Published: Oct. 18, 2024
    • Modified: Mar. 17, 2025

  • 9.8

    CRITICAL
    CVE-2024-9537

    ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made availabl... Read more

    Affected Products : sl1
    • Actively Exploited
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.3

    MEDIUM
    CVE-2024-47240

    Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and ... Read more

    Affected Products : secure_connect_gateway
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.4

    MEDIUM
    CVE-2024-9674

    The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes... Read more

    Affected Products : debrandify
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 5.9

    MEDIUM
    CVE-2024-43300

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11.... Read more

    Affected Products : movie_database
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.4

    MEDIUM
    CVE-2024-9425

    The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escapin... Read more

    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49243

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a thr... Read more

    Affected Products : dynamic_elementor_addons
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.5

    MEDIUM
    CVE-2024-49241

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3.... Read more

    Affected Products : tito
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49240

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.... Read more

    Affected Products : ab_categories_search_widget
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49239

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2.... Read more

    Affected Products : add_categories_post_footer
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49238

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in M. Konieczny, DH9SB ADIF Log Search Widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through 1.0f.... Read more

    Affected Products : adif_log_search_widget
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49236

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box allows Stored XSS.This issue affects Crazy Call To Action Box: from n/a through 1.0.5.... Read more

    Affected Products : crazy_call_to_action_box
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49234

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension allows Stored XSS.This issue affects Plexx Elementor Extension: from n/a through 1.3.4.... Read more

    Affected Products : plexx_elementor_extension
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49233

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through 1.1.6.... Read more

    Affected Products : mas_elementor
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024
Showing 20 of 294759 Results