Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-49916

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw This commit addresses a potential null pointer dereference issue in the `dcn401_init_hw` function. The i... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-49918

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer This commit addresses a potential null pointer dereference issue in the `dcn32_acquire_id... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 7.8

    HIGH
    CVE-2024-47718

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts In 'rtw_wait_firmware_completion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtw_u... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 7.8

    HIGH
    CVE-2024-47719

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN() overflows wh... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49326

    Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3.... Read more

    Affected Products : affiliator
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 3.3

    LOW
    CVE-2024-50057

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fi... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49324

    Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0.... Read more

    Affected Products : sovratec_case_management
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-43851

    In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function. So drop t... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49327

    Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2.... Read more

    Affected Products : woostagram_connect
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49329

    Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0.... Read more

    Affected Products : wp_rest_api_fns
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 7.1

    HIGH
    CVE-2022-49032

    In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380 Read of size... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 7.1

    HIGH
    CVE-2022-49031

    In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4403_read_raw+0x42e/0x4c0 Read of size 4 at ad... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-43849

    In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Protect them by pl... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49330

    Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0.... Read more

    Affected Products : nice_backgrounds
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 7.8

    HIGH
    CVE-2022-49029

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpex_register_bmc() warn: '&data->list' not removed f... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 9.9

    CRITICAL
    CVE-2024-49331

    Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38.... Read more

    Affected Products : property_lot_management_system
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2022-49028

    In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add d... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 9.8

    CRITICAL
    CVE-2024-49332

    Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4.... Read more

    Affected Products : giveaway_boost
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 10.0

    CRITICAL
    CVE-2024-49607

    Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0.... Read more

    Affected Products : wp_dropbox_dropins
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024

  • 8.8

    HIGH
    CVE-2024-49608

    : Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through 1.0.... Read more

    Affected Products : gerryworks_post_by_mail
    • Published: Oct. 20, 2024
    • Modified: Oct. 24, 2024
Showing 20 of 291804 Results