Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-46817

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46778

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-52613

    A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) via a crafted MOV video file.... Read more

    Affected Products : tsmuxer
    • Published: Nov. 14, 2024
    • Modified: Nov. 20, 2024

  • 7.5

    HIGH
    CVE-2024-50968

    A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to ... Read more

    • Published: Nov. 14, 2024
    • Modified: Nov. 20, 2024

  • 7.8

    HIGH
    CVE-2024-23715

    In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exp... Read more

    Affected Products : android
    • Published: Nov. 13, 2024
    • Modified: Nov. 20, 2024

  • 7.8

    HIGH
    CVE-2023-35686

    In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not need... Read more

    Affected Products : android
    • Published: Nov. 13, 2024
    • Modified: Nov. 20, 2024

  • 7.8

    HIGH
    CVE-2023-35659

    In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction ... Read more

    Affected Products : android
    • Published: Nov. 13, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2017-13227

    In the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information disclosure with no additional execution privileges needed.  User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Nov. 14, 2024
    • Modified: Nov. 20, 2024

  • 7.8

    HIGH
    CVE-2024-46820

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handle the IRQ state as well. So the calls to disable IRQ and... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46780

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46789

    In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the following warning always occurs,This is because the f... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46825

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware, so it should use IWL_FW... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46826

    In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory w... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Nov. 20, 2024

  • 7.6

    HIGH
    CVE-2024-52435

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in W3 Eden, Inc. Premium Packages allows SQL Injection.This issue affects Premium Packages: from n/a through 5.9.3.... Read more

    • Published: Nov. 18, 2024
    • Modified: Nov. 20, 2024

  • 6.1

    MEDIUM
    CVE-2024-20525

    A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not p... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Nov. 20, 2024

  • 6.1

    MEDIUM
    CVE-2024-20530

    A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not p... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Nov. 20, 2024

  • 6.5

    MEDIUM
    CVE-2024-20531

    A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. To e... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 06, 2024
    • Modified: Nov. 20, 2024

  • 8.8

    HIGH
    CVE-2024-49574

    Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.... Read more

    Affected Products : manageengine_adaudit_plus
    • Published: Nov. 18, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-53050

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error.... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-53051

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capabili... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 20, 2024
Showing 20 of 291360 Results