Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.8

HIGH

CVE-2024-45733

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration....

Affected Products : windows splunk
Published: Oct. 14, 2024

Modified: Oct. 16, 2024
4.3

MEDIUM

CVE-2024-45734

In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. ...

Affected Products : splunk
Published: Oct. 14, 2024

Modified: Oct. 16, 2024
4.3

MEDIUM

CVE-2024-45735

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value ...

Affected Products : splunk splunk_cloud_platform splunk_secure_gateway
Published: Oct. 14, 2024

Modified: Oct. 16, 2024
6.5

MEDIUM

CVE-2024-45736

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with...

Affected Products : splunk splunk_cloud_platform
Published: Oct. 14, 2024

Modified: Oct. 16, 2024
4.3

MEDIUM

CVE-2024-45737

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of Ap...

Affected Products : splunk splunk_cloud_platform
Published: Oct. 14, 2024

Modified: Oct. 16, 2024
8.7

HIGH

CVE-2024-39516

An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, ...

Affected Products : junos junos_os_evolved
Published: Oct. 09, 2024

Modified: Oct. 16, 2024
8.8

HIGH

CVE-2024-9894

A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the att...

Affected Products : blood_bank_system blood_bank_system
Published: Oct. 12, 2024

Modified: Oct. 16, 2024
8.8

HIGH

CVE-2024-9905

A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sq...

Affected Products : online_eyewear_shop
Published: Oct. 13, 2024

Modified: Oct. 16, 2024
5.4

MEDIUM

CVE-2024-9906

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site sc...

Affected Products : online_eyewear_shop
Published: Oct. 13, 2024

Modified: Oct. 16, 2024
9.8

CRITICAL

CVE-2024-9916

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. Th...

Affected Products : usualtoolcms
Published: Oct. 13, 2024

Modified: Oct. 16, 2024
7.5

HIGH

CVE-2024-9983

Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files....

Affected Products : enterprise_cloud_database
Published: Oct. 15, 2024

Modified: Oct. 16, 2024
9.8

CRITICAL

CVE-2024-9984

Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie....

Affected Products : enterprise_cloud_database
Published: Oct. 15, 2024

Modified: Oct. 16, 2024
10.0

CRITICAL

CVE-2024-9985

Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server....

Affected Products : enterprise_cloud_database
Published: Oct. 15, 2024

Modified: Oct. 16, 2024
7.1

HIGH

CVE-2024-43581

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 +2 more products
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
7.8

HIGH

CVE-2024-43576

Microsoft Office Remote Code Execution Vulnerability...

Affected Products : 365_apps office_long_term_servicing_channel office_2024
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
7.5

HIGH

CVE-2024-43575

Windows Hyper-V Denial of Service Vulnerability...

Affected Products : windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
7.3

HIGH

CVE-2024-43571

Sudo for Windows Spoofing Vulnerability...

Affected Products : windows_11_24h2
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
7.0

HIGH

CVE-2024-43570

Windows Kernel Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 +10 more products
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
8.8

HIGH

CVE-2024-43532

Remote Registry Service Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 +10 more products
Published: Oct. 08, 2024

Modified: Oct. 16, 2024
6.5

MEDIUM

CVE-2024-43537

Windows Mobile Broadband Driver Denial of Service Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_21h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +1 more products
Published: Oct. 08, 2024

Modified: Oct. 16, 2024

Showing 20 of 291385 Results

Latest CVE Feed

8.8

4.3

4.3

6.5

4.3

8.7

8.8

8.8

5.4

9.8

7.5

9.8

10.0

7.1

7.8

7.5

7.3

7.0

8.8

6.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable