Latest CVE Feed

The following is a list of the most recently published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.5

    MEDIUM
    CVE-2024-7666

    A vulnerability, which was classified as critical, has been found in SourceCodester Car Driving School Management System 1.0. Affected by this issue is some unknown functionality of the file view_package.php. The manipulation of the argument id leads to s...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 6.5

    MEDIUM
    CVE-2024-7665

    A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_package.php. The manipulation of the argument id leads to sql inject...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 6.5

    MEDIUM
    CVE-2024-7664

    A vulnerability classified as critical has been found in SourceCodester Car Driving School Management System 1.0. Affected is an unknown function of the file view_details.php. The manipulation of the argument id leads to SQL injection. It is possible to l...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 6.5

    MEDIUM
    CVE-2024-7663

    A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file manage_user.php. The manipulation of the argument id leads to SQL injection. The at...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 6.9

    MEDIUM
    CVE-2024-7662

    A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. This vulnerability affects the function save_package of the file admin/packages/manag_package.php. The manipulation leads to cross-s...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 8.8

    HIGH
    CVE-2024-7661

    A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been classified as problematic. This affects the function save_users of the file admin/user/index.php. The manipulation leads to cross-site request forgery. It is...

    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 7.5

    HIGH
    CVE-2024-7659

    A vulnerability, which was classified as problematic, was found in projectsend up to r1605. Affected is the function generate_random_string of the file includes/functions.php of the component Password Reset Token Handler. The manipulation leads to insuffi...

    Affected Products : projectsend
    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 5.4

    MEDIUM
    CVE-2024-7657

    A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/update_rows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site ...

    Affected Products : gila_cms
    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 7.8

    HIGH
    CVE-2024-38134

    Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

    • Published: Aug. 13, 2024
    • Modified: Aug. 15, 2024
  • 8.8

    HIGH
    CVE-2024-42628

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.

    Affected Products : frogcms
    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 8.8

    HIGH
    CVE-2024-42624

    FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.

    Affected Products : frogcms
    • Published: Aug. 12, 2024
    • Modified: Aug. 15, 2024
  • 8.2

    HIGH
    CVE-2024-38653

    XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server.

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 9.1

    CRITICAL
    CVE-2024-38652

    Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.5

    HIGH
    CVE-2024-37399

    A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.2

    HIGH
    CVE-2024-37373

    Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.5

    HIGH
    CVE-2024-36136

    An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.8

    HIGH
    CVE-2024-39422

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.8

    HIGH
    CVE-2024-39423

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue re...

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.8

    HIGH
    CVE-2024-39424

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
  • 7.0

    HIGH
    CVE-2024-39425

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue requires local ...

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
Showing 20 of 290018 Results