Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-47430

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-47433

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-47434

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-47440

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49516

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49517

    Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49518

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49519

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49520

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-49525

    Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-47427

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ... Read more

    Affected Products : substance_3d_painter
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 4.7

    MEDIUM
    CVE-2024-50260

    In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_up... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 7.1

    HIGH
    CVE-2024-50227

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderb... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-50229

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, wh... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-50230

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-50231

    In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be0... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-50233

    In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by ze... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-31151

    A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction f... Read more

    Affected Products : wbr-6012_firmware wbr-6012
    • Published: Oct. 30, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-50232

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DI... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: Nov. 13, 2024

  • 8.1

    HIGH
    CVE-2024-28875

    A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction f... Read more

    Affected Products : wbr-6012_firmware wbr-6012
    • Published: Oct. 30, 2024
    • Modified: Nov. 13, 2024
Showing 20 of 291360 Results