Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-44296

    The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Con... Read more

    • Published: Oct. 28, 2024
    • Modified: Nov. 14, 2024

  • 7.3

    HIGH
    CVE-2024-10958

    The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an acti... Read more

    Affected Products : wp_photo_album_plus
    • Published: Nov. 10, 2024
    • Modified: Nov. 14, 2024

  • 9.8

    CRITICAL
    CVE-2024-11099

    A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remote... Read more

    Affected Products : job_recruitment
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47449

    Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issu... Read more

    Affected Products : macos windows audition
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 7.8

    HIGH
    CVE-2024-47452

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open ... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 7.8

    HIGH
    CVE-2024-45114

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open ... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 7.8

    HIGH
    CVE-2024-47450

    Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 7.8

    HIGH
    CVE-2024-47451

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open ... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47453

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue req... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47454

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue req... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47455

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue req... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47456

    Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue req... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47457

    Illustrator versions 28.7.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service c... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-47458

    Bridge versions 13.0.9, 14.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of servic... Read more

    Affected Products : macos windows bridge
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 7.5

    HIGH
    CVE-2024-7010

    mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack allows an attacker to compromise the cryptosystem by analyzing the time taken to execute cryptographic algorithms. Specifically, in the context of password ha... Read more

    Affected Products : localai
    • Published: Oct. 29, 2024
    • Modified: Nov. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-45147

    Bridge versions 13.0.9, 14.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue ... Read more

    Affected Products : macos windows bridge
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 6.8

    MEDIUM
    CVE-2024-8881

    A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating sy... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 4.5

    MEDIUM
    CVE-2024-8882

    A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a ... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.3

    MEDIUM
    CVE-2024-49394

    In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.... Read more

    Affected Products : enterprise_linux mutt neomutt
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024

  • 5.3

    MEDIUM
    CVE-2024-49395

    In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.... Read more

    Affected Products : enterprise_linux mutt neomutt
    • Published: Nov. 12, 2024
    • Modified: Nov. 14, 2024
Showing 20 of 291400 Results