Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-41833

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitig... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-41834

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitig... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33993

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in /candidate/index.php'.... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33992

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'vi... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33991

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'vi... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33990

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33989

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33985

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33986

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33987

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33988

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33984

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33983

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33982

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33978

    Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'category' parameter in '/index.php'.... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33977

    Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'view' parameter in /admin/orders/index.php'.... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33976

    Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via '... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33975

    Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via '... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 9.8

    CRITICAL
    CVE-2024-33958

    SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in 'phonenumber' in '/passwordrecover.php' param... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-34118

    Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition. An attacker could exploit this vulnerability to render the application unresponsive or ... Read more

    Affected Products : macos windows illustrator
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024
Showing 20 of 291274 Results