Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    CVSS31
    CVE-2024-47160

    In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 4.3

    CVSS31
    CVE-2024-47059

    When logging in with the correct username and incorrect weak password, the user receives the notification, that their password is too weak. However when an incorrect username is provided alongside with a weak password, the application responds with ’Inva... Read more

    Affected Products : mautic
    • Published: Sep. 18, 2024
    • Modified: Sep. 19, 2024

  • 4.1

    CVSS31
    CVE-2024-47162

    In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 3.7

    CVSS31
    CVE-2024-46989

    spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Multiple caveats over the same indirect subject type on the same relation can result in no permission being returned w... Read more

    Affected Products : spicedb
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 2.9

    CVSS31
    CVE-2024-47058

    With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session.... Read more

    Affected Products : mautic
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46557

    Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.... Read more

    Affected Products :
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-45366

    Welcart e-Commerce prior to 2.11.2 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser.... Read more

    Affected Products : welcart_e-commerce
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46716

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In cons... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46718

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned (to 1G) VRAM chun... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46714

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Callers can pass null in filter (i.e. from returned from the function wbscl_get_filter_coeffs_16p) and a null check is ad... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46715

    In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to acce... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46720

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix dereference after null check check the pointer hive before use.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46722

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that read mc_data[i-1] may out-of-bounds.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46723

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[] may out-of-bounds.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46724

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_channel_number range to avoid the array out-of-bounds read error... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46725

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46727

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why] Coverity reports NULL_RETURN warning. [How] Add otg_master NULL check.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46728

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for aux_rd_interval before using aux_rd_interval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coveri... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46729

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is lager than the array size. [HOW] Divide byte size... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46730

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tg_inst won't be -1 [WHY & HOW] tg_inst will be a negative if timing_generator_count equals 0, which should be checked before used. This fixes 2 OVE... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024
Showing 20 of 321 Results