Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2024-40723

    The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer ove... Read more

    Affected Products : hwatai_servisign
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 4.3

    MEDIUM
    CVE-2024-40722

    The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer ov... Read more

    Affected Products : tcb_servisign
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7336

    A vulnerability classified as critical was found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. The a... Read more

    Affected Products : ex200_firmware ex200
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 8.8

    HIGH
    CVE-2024-40721

    The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arb... Read more

    Affected Products : tcb_servisign
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 8.8

    HIGH
    CVE-2024-40720

    The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execu... Read more

    Affected Products : tcb_servisign
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 6.5

    MEDIUM
    CVE-2024-40719

    The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign Windows Version is insufficient. When a remote attacker tricks a victim into visiting a malicious website, TCBServiSign will treat that website as a legitima... Read more

    Affected Products : tcb_servisign
    • Published: Aug. 02, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7365

    A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage_establishment.php. The manipulation of the argument id leads to sql ... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7364

    A vulnerability has been found in SourceCodester Tracking Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage_records.php. The manipulation of the argument id leads to... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7363

    A vulnerability, which was classified as critical, was found in SourceCodester Tracking Monitoring Management System 1.0. Affected is an unknown function of the file /manage_person.php. The manipulation of the argument id leads to sql injection. It is pos... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7362

    A vulnerability, which was classified as critical, has been found in SourceCodester Tracking Monitoring Management System 1.0. This issue affects some unknown processing of the file /manage_user.php. The manipulation of the argument id leads to sql inject... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7361

    A vulnerability classified as critical was found in SourceCodester Tracking Monitoring Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_establishment. The manipulation of the argument id leads to sql injecti... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 8.8

    HIGH
    CVE-2024-7360

    A vulnerability classified as problematic has been found in SourceCodester Tracking Monitoring Management System 1.0. This affects an unknown part of the file /ajax.php. The manipulation leads to cross-site request forgery. It is possible to initiate the ... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 6.1

    MEDIUM
    CVE-2024-7359

    A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_establishment. The manipulation of the argument... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.8

    CRITICAL
    CVE-2024-7366

    A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=login of the component Login. The manipulation of the argument username le... Read more

    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7337

    A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer over... Read more

    Affected Products : ex1200l_firmware ex1200l
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7335

    A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow... Read more

    Affected Products : ex200_firmware ex200
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7334

    A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated... Read more

    Affected Products : ex1200l_firmware ex1200l
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 9.0

    HIGH
    CVE-2024-7333

    A vulnerability was found in TOTOLINK N350RT 9.3.5u.6139_B20201216. It has been declared as critical. This vulnerability affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument week/sTime/eTime leads to buf... Read more

    Affected Products : n350rt_firmware n350rt
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 10.0

    HIGH
    CVE-2024-7332

    A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded pass... Read more

    Affected Products : cp450_firmware cp450
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024

  • 8.8

    HIGH
    CVE-2024-7367

    A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to... Read more

    Affected Products : simple_realtime_quiz_system
    • Published: Aug. 01, 2024
    • Modified: Aug. 09, 2024
Showing 20 of 291003 Results