Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2024-46963

    The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacker to execute arbitrary JavaScript code via the com.bluesky.browser.ui.BrowserMainActivity component.... Read more

    Affected Products :
    • Published: Nov. 11, 2024
    • Modified: Nov. 12, 2024

  • 9.1

    CRITICAL
    CVE-2024-46962

    The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.video.fast.SpeedMainAct component.... Read more

    Affected Products :
    • Published: Nov. 11, 2024
    • Modified: Nov. 12, 2024

  • 5.2

    MEDIUM
    CVE-2024-33660

    An exploit is possible where an actor with physical access can manipulate SPI flash without being detected.... Read more

    Affected Products : aptio_v
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-50099

    In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are unsafe to use for uprobes. Both functions were originally... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-50098

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEV_QUIESCE was set for all LU's scsi_devices... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-50097

    In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms (such as i.MX25 and i.MX27) do not support PTP, so on these platforms fec_ptp_init() is not called and the related me... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-50096

    In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_dmem_copy_one` function ensures that the copy push command is sent to the device firmware but does not tra... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 12, 2024

  • 5.3

    MEDIUM
    CVE-2024-11123

    A vulnerability, which was classified as problematic, was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path tra... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-11122

    A vulnerability, which was classified as critical, has been found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the a... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-11121

    A vulnerability classified as critical was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of t... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-11060

    A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform 金和数字化智能办公平台 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to ... Read more

    Affected Products :
    • Published: Nov. 11, 2024
    • Modified: Nov. 12, 2024

  • 7.1

    HIGH
    CVE-2024-49401

    Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 7.1

    HIGH
    CVE-2024-34679

    Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 4.6

    MEDIUM
    CVE-2024-34674

    Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 4.6

    MEDIUM
    CVE-2024-34675

    Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 4.0

    MEDIUM
    CVE-2024-34677

    Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34680

    Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.... Read more

    Affected Products : android android
    • Published: Nov. 06, 2024
    • Modified: Nov. 12, 2024

  • 3.1

    LOW
    CVE-2024-11126

    A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity ... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 7.8

    HIGH
    CVE-2024-37365

    A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potenti... Read more

    Affected Products : factorytalk_view
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024

  • 7.2

    HIGH
    CVE-2024-42442

    APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside ... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 12, 2024
Showing 20 of 291254 Results