Latest CVE Feed
- 6.5 MEDIUM CVE-2024-51577
  Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS. This issue affects bpmn.Io: from n/a through 1.0....
  - Affected Products: bpmn.io
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 6.5 MEDIUM CVE-2024-51584
  Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS. This issue affects Marquee Elementor with Posts: from n/a through 1.2.0....
  - Affected Products: marquee_elementor_with_posts
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 6.5 MEDIUM CVE-2024-51583
  Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS. This issue affects Kento Ads Rotator: from n/a through 1.3....
  - Affected Products: kento_ads_rotator
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 5.5 MEDIUM CVE-2024-44197
  The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service....
  - Affected Products: macos
  - Published: Oct. 28, 2024
  - Modified: Nov. 14, 2024
- 7.5 HIGH CVE-2024-44196
  A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system....
  - Affected Products: macos
  - Published: Oct. 28, 2024
  - Modified: Nov. 14, 2024
- 7.8 HIGH CVE-2024-46951
  An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution....
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 8.4 HIGH CVE-2024-46952
  An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values)....
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 7.8 HIGH CVE-2024-46953
  An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution....
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 6.1 MEDIUM CVE-2024-47648
  URL Redirection to Untrusted Site ('Open Redirect') vulnerability in EventPrime Events EventPrime. This issue affects EventPrime: from n/a through 4.0.4.5....
  - Published: Oct. 10, 2024
  - Modified: Nov. 14, 2024
- 5.5 MEDIUM CVE-2024-46955
  An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space....
  - Published: Nov. 10, 2024
  - Modified: Nov. 14, 2024
- 8.2 HIGH CVE-2024-47604
  NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or JavaScript code in a victim's browser....
  - Affected Products: nugetgallery
  - Published: Oct. 01, 2024
  - Modified: Nov. 13, 2024
- 8.7 HIGH CVE-2024-50310
  A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesy...
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 7.3 HIGH CVE-2024-47942
  A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the sy...
  - Affected Products: solid_edge_se2024
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 7.8 HIGH CVE-2024-47941
  A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attack...
  - Affected Products: solid_edge_se2024
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 7.8 HIGH CVE-2024-47940
  A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attack...
  - Affected Products: solid_edge_se2024
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 8.4 HIGH CVE-2024-47808
  A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an...
  - Affected Products: sinec_nms
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 8.5 HIGH CVE-2024-47783
  A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the servic...
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 8.1 HIGH CVE-2024-46892
  A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an auth...
  - Affected Products: sinec_ins
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 9.4 CRITICAL CVE-2024-46890
  A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privilege...
  - Affected Products: sinec_ins
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024
- 6.9 MEDIUM CVE-2024-46889
  A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key materia...
  - Affected Products: sinec_ins
  - Published: Nov. 12, 2024
  - Modified: Nov. 13, 2024