Latest CVE Feed
-
9.8
CRITICALCVE-2024-52306
FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerability is fixed in 3.0.9.... Read more
Affected Products : filemanager- Published: Nov. 13, 2024
- Modified: Nov. 19, 2024
-
10.0
CRITICALCVE-2022-1884
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` t... Read more
- Published: Nov. 15, 2024
- Modified: Nov. 19, 2024
-
9.8
CRITICALCVE-2023-0109
A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is acces... Read more
Affected Products : memos- Published: Nov. 15, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2023-0737
wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4.... Read more
Affected Products : wallabag- Published: Nov. 15, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-43530
Windows Update Stack Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2- Published: Nov. 12, 2024
- Modified: Nov. 19, 2024
-
8.1
HIGHCVE-2024-43598
LightGBM Remote Code Execution Vulnerability... Read more
Affected Products : lightgbm- Published: Nov. 12, 2024
- Modified: Nov. 19, 2024
-
9.9
CRITICALCVE-2024-43602
Azure CycleCloud Remote Code Execution Vulnerability... Read more
Affected Products : azure_cyclecloud- Published: Nov. 12, 2024
- Modified: Nov. 19, 2024
-
8.8
HIGHCVE-2024-43624
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products- Published: Nov. 12, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-43626
Windows Telephony Service Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-50159
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker(scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2... Read more
Affected Products : linux_kernel- Published: Nov. 07, 2024
- Modified: Nov. 19, 2024
-
5.5
MEDIUMCVE-2024-50152
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(e... Read more
Affected Products : linux_kernel- Published: Nov. 07, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-43630
Windows Kernel Elevation of Privilege Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-49051
Microsoft PC Manager Elevation of Privilege Vulnerability... Read more
Affected Products : pc_manager- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-43631
Windows Secure Kernel Mode Elevation of Privilege Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
6.5
MEDIUM- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
6.8
MEDIUMCVE-2024-43634
Windows USB Video Class System Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
8.8
HIGHCVE-2024-43635
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-43636
Win32k Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
6.8
MEDIUMCVE-2024-43638
Windows USB Video Class System Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
9.8
CRITICALCVE-2024-43639
Windows KDC Proxy Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024