Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-8343

    A vulnerability, which was classified as critical, was found in SourceCodester Sentiment Based Movie Rating System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save_client of the component User Registration Handler. The manipulati... Read more

    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-39775

    in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read.... Read more

    Affected Products : openharmony openharmony
    • Published: Sep. 02, 2024
    • Modified: Sep. 04, 2024

  • 8.8

    HIGH
    CVE-2024-8342

    A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/add_client.php. The manipulation of the argument image_profile leads to ... Read more

    Affected Products : petshop_management_system
    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 8.4

    HIGH
    CVE-2024-39816

    in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.... Read more

    Affected Products : openharmony openharmony
    • Published: Sep. 02, 2024
    • Modified: Sep. 04, 2024

  • 8.8

    HIGH
    CVE-2024-41157

    in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.... Read more

    Affected Products : openharmony openharmony
    • Published: Sep. 02, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41364

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41366

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41367

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41368

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41361

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41369

    RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.php... Read more

    Affected Products : phoniebox
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-8341

    A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/add_user.php. The manipulation of the argument avatar leads to unrestricted upload. The atta... Read more

    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-8340

    A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. It is possible... Read more

    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-8339

    A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of... Read more

    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-8336

    A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. Affected by this vulnerability is an unknown functionality of the file /php-music/classes/Master.php?f=delete_music. The manipulation of the argument id leads to sq... Read more

    Affected Products : music_gallery_site
    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41372

    Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php.... Read more

    Affected Products : organizr
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 6.1

    MEDIUM
    CVE-2024-41371

    Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php.... Read more

    Affected Products : organizr
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-41370

    Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php.... Read more

    Affected Products : organizr
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 6.1

    MEDIUM
    CVE-2024-41351

    bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/getContent.php... Read more

    Affected Products : bjyadmin
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024

  • 6.1

    MEDIUM
    CVE-2024-41350

    bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/imageUp.php... Read more

    Affected Products : bjyadmin
    • Published: Aug. 29, 2024
    • Modified: Sep. 04, 2024
Showing 20 of 290189 Results