Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2024-27200

    Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 5.3

    MEDIUM
    CVE-2024-23919

    Improper buffer restrictions in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.9

    MEDIUM
    CVE-2024-34170

    Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : graphics_drivers
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 8.0

    HIGH
    CVE-2024-52552

    Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 2.2

    LOW
    CVE-2024-28051

    Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 7.7

    HIGH
    CVE-2024-28028

    Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 7.5

    HIGH
    CVE-2024-51996

    Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the co... Read more

    Affected Products : symfony
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.7

    MEDIUM
    CVE-2024-34022

    Improper Access Control in some Thunderbolt(TM) Share software before version 1.0.49.9 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.7

    MEDIUM
    CVE-2024-31407

    Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 8.5

    HIGH
    CVE-2024-22185

    Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.7

    MEDIUM
    CVE-2024-25647

    Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-36284

    Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-29085

    Improper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.7

    MEDIUM
    CVE-2024-29077

    Improper access control in some JAM STAPL Player software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.8

    MEDIUM
    CVE-2024-28049

    Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.8

    MEDIUM
    CVE-2024-32044

    Improper access control for some Intel(R) Arc(TM) Pro Graphics for Windows drivers before version 31.0.101.5319 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products :
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 6.7

    MEDIUM
    CVE-2024-34165

    Uncontrolled search path in some Intel(R) oneAPI DPC++/C++ Compiler before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : oneapi_dpc\+\+\/c\+\+_compiler
    • Published: Nov. 13, 2024
    • Modified: Nov. 15, 2024

  • 9.3

    CRITICAL
    CVE-2024-48974

    The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device's configuration settings and/or compromise device functionality by pushing a co... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024

  • 7.5

    HIGH
    CVE-2024-45254

    VaeMendis - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024

  • 9.3

    CRITICAL
    CVE-2024-48971

    The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician p... Read more

    Affected Products :
    • Published: Nov. 14, 2024
    • Modified: Nov. 15, 2024
Showing 20 of 293505 Results