Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-8403

    Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in... Read more

    Affected Products : melsec_iq-f_firmware
    • Published: Nov. 19, 2024
    • Modified: Nov. 20, 2024

  • 8.8

    HIGH
    CVE-2024-48292

    An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 5.5

    MEDIUM
    CVE-2024-48294

    A NULL pointer dereference in the component libPdfCore.dll of Wondershare PDF Reader v1.0.9.2544 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.4

    MEDIUM
    CVE-2024-10390

    The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated a... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-48293

    Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated attackers with low-level privileges to arbitrarily modify antivirus settings.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 9.8

    CRITICAL
    CVE-2024-47533

    Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. `utils.get_shared_secret()` always returns... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51655

    Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS.This issue affects Custom Author URL: from n/a through 2.0.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51648

    Cross-Site Request Forgery (CSRF) vulnerability in Hands, Inc e-shops allows Reflected XSS.This issue affects e-shops: from n/a through 1.0.3.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-52343

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Offshorent Softwares Pvt. Ltd. | Jinesh.P.V OS Pricing Tables allows Stored XSS.This issue affects OS Pricing Tables: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50554

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sided Sided allows DOM-Based XSS.This issue affects Sided: from n/a through 1.4.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51617

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rami Yushuvaev Clyp allows Stored XSS.This issue affects Clyp: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51801

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jake Brown Brand my Footer allows DOM-Based XSS.This issue affects Brand my Footer: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51654

    Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-50533

    Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50549

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bonway Services Bonway Static Block Editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through 1.1.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-52341

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Offshorent Solutions Pvt Ltd. | Jinesh.P.V OS Our Team allows Stored XSS.This issue affects OS Our Team: from n/a through 1.7.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-50534

    Cross-Site Request Forgery (CSRF) vulnerability in Syed Umair Hussain Shah World Prayer Time allows Stored XSS.This issue affects World Prayer Time: from n/a through 2.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50537

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Marra Smart Mockups allows Stored XSS.This issue affects Smart Mockups: from n/a through 1.2.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50547

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themedy Themedy Toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through 1.0.16.... Read more

    Affected Products : toolbox
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51649

    Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize allows Stored XSS.This issue affects Mobilize: from n/a through 3.0.7.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024
Showing 20 of 294464 Results