Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CVSS31
    CVE-2024-47575

    A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet For... Read more

    Affected Products :
    • Actively Exploited
    • Published: Oct. 23, 2024
    • Modified: Oct. 24, 2024

  • 4.7

    CVSS31
    CVE-2024-10301

    A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata l... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10300

    A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-48644

    Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts a... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 9.8

    CVSS31
    CVE-2024-46483

    Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-45526

    An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-48964

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directo... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-48963

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10299

    A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argume... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10298

    A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argumen... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 8.2

    CVSS31
    CVE-2024-46482

    An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file.... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-44331

    Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-42643

    Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.... Read more

    Affected Products :
    • Published: Oct. 22, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-20526

    A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 8.6

    CVSS31
    CVE-2024-20495

    A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 8.6

    CVSS31
    CVE-2024-20494

    A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulti... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-20493

    A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny fu... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 6.5

    CVSS31
    CVE-2024-20482

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. To e... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.8

    CVSS31
    CVE-2024-20481

    A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.3

    CVSS31
    CVE-2024-20474

    A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer und... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024
Showing 20 of 159 Results