Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2024-48768

    An issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to obtain sensitive information via the firmware update process... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 6.5

    MEDIUM
    CVE-2024-46215

    A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub_445BDC() function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 5.3

    MEDIUM
    CVE-2024-44807

    A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 6.5

    MEDIUM
    CVE-2024-44415

    A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow.... Read more

    Affected Products : di-8200_firmware
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 8.8

    HIGH
    CVE-2024-44413

    A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.... Read more

    Affected Products : di-8200_firmware
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.8

    HIGH
    CVE-2024-41858

    InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victi... Read more

    Affected Products : macos windows incopy
    • Published: Aug. 14, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-48776

    An issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update process... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-48775

    An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-48773

    An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-48788

    An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.1

    CRITICAL
    CVE-2024-48787

    An issue in Revic Optics Revic Ops (us.revic.revicops) 1.12.5 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.1

    CRITICAL
    CVE-2024-48786

    An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.8

    CRITICAL
    CVE-2024-48784

    An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.1

    CRITICAL
    CVE-2024-48778

    An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-48777

    LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.1

    CRITICAL
    CVE-2024-48772

    An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.1

    CRITICAL
    CVE-2024-48769

    An issue in BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain sensitve information via the firmware update process.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 9.8

    CRITICAL
    CVE-2024-9974

    A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manip... Read more

    Affected Products : online_eyewear_shop
    • Published: Oct. 15, 2024
    • Modified: Oct. 15, 2024

  • 9.8

    CRITICAL
    CVE-2024-9973

    A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=reports of the component Report Viewing Page. The manipulation of the argument date leads to ... Read more

    Affected Products : online_eyewear_shop
    • Published: Oct. 15, 2024
    • Modified: Oct. 15, 2024

  • 9.8

    CRITICAL
    CVE-2024-9813

    A vulnerability, which was classified as critical, has been found in Codezips Pharmacy Management System 1.0. This issue affects some unknown processing of the file product/register.php. The manipulation of the argument category leads to sql injection. Th... Read more

    Affected Products : pharmacy_management_system
    • Published: Oct. 10, 2024
    • Modified: Oct. 15, 2024
Showing 20 of 291360 Results