Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2024-7359

    A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_establishment. The manipulation of the argument... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7366

    A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=login of the component Login. The manipulation of the argument username le... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7337

    A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer over... Read more

    Affected Products : ex1200l_firmware ex1200l
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7335

    A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow... Read more

    Affected Products : ex200_firmware ex200
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7334

    A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated... Read more

    Affected Products : ex1200l_firmware ex1200l
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7333

    A vulnerability was found in TOTOLINK N350RT 9.3.5u.6139_B20201216. It has been declared as critical. This vulnerability affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument week/sTime/eTime leads to buf... Read more

    Affected Products : n350rt_firmware n350rt
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 10.0

    HIGH
    CVE-2024-7332

    A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded pass... Read more

    Affected Products : cp450_firmware cp450
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 8.8

    HIGH
    CVE-2024-7367

    A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7374

    A vulnerability classified as critical was found in SourceCodester Simple Realtime Quiz System 1.0. This vulnerability affects unknown code of the file /manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiat... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7375

    A vulnerability, which was classified as critical, has been found in SourceCodester Simple Realtime Quiz System 1.0. This issue affects some unknown processing of the file /my_quiz_result.php. The manipulation of the argument quiz leads to sql injection. ... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7376

    A vulnerability, which was classified as critical, was found in SourceCodester Simple Realtime Quiz System 1.0. Affected is an unknown function of the file /print_quiz_records.php. The manipulation of the argument id leads to sql injection. It is possible... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7377

    A vulnerability has been found in SourceCodester Simple Realtime Quiz System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view_result.php. The manipulation of the argument qid leads to sql injecti... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7378

    A vulnerability was found in SourceCodester Simple Realtime Quiz System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage_question.php. The manipulation of the argument id leads to sql injection. The ... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 7.8

    HIGH
    CVE-2024-37142

    Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code... Read more

    Affected Products : peripheral_manager
    • Published: Jul. 31, 2024
    • Modified: Aug. 08, 2024

  • 7.8

    HIGH
    CVE-2024-32857

    Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary cod... Read more

    Affected Products : peripheral_manager
    • Published: Jul. 31, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33959

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-42248

    In the Linux kernel, the following vulnerability has been resolved: tty: serial: ma35d1: Add a NULL check for of_node The pdev->dev.of_node can be NULL if the "serial" node is absent. Add a NULL check to return an error in such cases.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 3.3

    LOW
    CVE-2024-42249

    In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. Thi... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-42250

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the ra... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-7582

    A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to ... Read more

    Affected Products : i22_firmware i22
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024
Showing 20 of 289991 Results