Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.8

MEDIUM

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-43646

Windows Secure Kernel Mode Elevation of Privilege Vulnerability...

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 +4 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-43645

Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability...

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-43644

Windows Client-Side Caching Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
6.9

MEDIUM

CVE-2024-10315

In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD....

Affected Products :
Published: Nov. 11, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-49046

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
8.1

HIGH

CVE-2024-49048

TorchGeo Remote Code Execution Vulnerability...

Affected Products : torchgeo
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-43629

Windows DWM Core Library Elevation of Privilege Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
5.5

MEDIUM

CVE-2023-4134

A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system...

Affected Products : linux_kernel fedora
Published: Nov. 14, 2024

Modified: Nov. 18, 2024
7.1

HIGH

CVE-2024-49049

Visual Studio Code Remote Extension Elevation of Privilege Vulnerability...

Affected Products : visual_studio_code remote_ssh
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.5

HIGH

CVE-2024-3760

In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. Attackers can exploit this by automating forgot password requests to flood targeted user accounts with a high volum...

Affected Products : lunary
Published: Nov. 14, 2024

Modified: Nov. 18, 2024
4.3

MEDIUM

CVE-2024-1682

An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, av...

Affected Products :
Published: Nov. 14, 2024

Modified: Nov. 18, 2024
9.6

CRITICAL

CVE-2024-3379

In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows unprivileged users to re-generate the private key for projects they do not have access to. Specifically, a user with a 'Member' role can issue a request to r...

Affected Products : lunary
Published: Nov. 14, 2024

Modified: Nov. 18, 2024
5.5

MEDIUM

CVE-2024-50148

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Co...

Affected Products : linux_kernel
Published: Nov. 07, 2024

Modified: Nov. 18, 2024
5.5

MEDIUM

CVE-2024-50147

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during ...

Affected Products : linux_kernel
Published: Nov. 07, 2024

Modified: Nov. 18, 2024
5.5

MEDIUM

CVE-2024-50144

In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fenc...

Affected Products : linux_kernel
Published: Nov. 07, 2024

Modified: Nov. 18, 2024
7.8

HIGH

CVE-2024-49019

Active Directory Certificate Services Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +2 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
8.8

HIGH

CVE-2024-43627

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
8.8

HIGH

CVE-2024-43628

Windows Telephony Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Nov. 12, 2024

Modified: Nov. 18, 2024
7.2

HIGH

CVE-2024-50972

A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter....

Affected Products : construction_management_system
Published: Nov. 13, 2024

Modified: Nov. 18, 2024

Showing 20 of 291255 Results

Latest CVE Feed

6.8

7.8

7.8

7.8

6.9

7.8

8.1

7.8

5.5

7.1

7.5

4.3

9.6

5.5

5.5

5.5

7.8

8.8

8.8

7.2

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable