Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-44958

    In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:2... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44959

    In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-on... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44976

    In the Linux kernel, the following vulnerability has been resolved: ata: pata_macio: Fix DMA table overflow Kolbjørn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 ("ata: pata_macio: Fix max_segment_... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 7.8

    HIGH
    CVE-2024-44977

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validate TA binary size Add TA binary size validation to avoid OOB write. (cherry picked from commit c0a04e3570d72aaf090962156ad085e37c62e442)... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44979

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues. Add those destroy calls here. (ch... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44980

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix opregion leak Being part o the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 a... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44982

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the dpu_format_populate_layout() fails, then FB is prepared, but not cleaned up. This ends up leaking the pin_count on the... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44984

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT code path. This should have been removed when we let the page poo... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44994

    In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault() When iommu_report_device_fault gets called with a partial fault it is supposed to collect the fault into the group and then ret... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 7.2

    HIGH
    CVE-2024-9379

    SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.... Read more

    • Actively Exploited
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 7.2

    HIGH
    CVE-2024-9380

    An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.... Read more

    • Actively Exploited
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 7.5

    HIGH
    CVE-2024-46304

    A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c.... Read more

    Affected Products :
    • Published: Oct. 09, 2024
    • Modified: Oct. 10, 2024

  • 8.8

    HIGH
    CVE-2024-38259

    Microsoft Management Console Remote Code Execution Vulnerability... Read more

    • Published: Sep. 10, 2024
    • Modified: Oct. 10, 2024

  • 9.8

    CRITICAL
    CVE-2024-44349

    A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB.... Read more

    Affected Products :
    • Published: Oct. 08, 2024
    • Modified: Oct. 10, 2024

  • 9.0

    HIGH
    CVE-2024-9549

    A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffe... Read more

    Affected Products : dir-605l_firmware dir-605l
    • Published: Oct. 06, 2024
    • Modified: Oct. 10, 2024

  • 6.5

    MEDIUM
    CVE-2024-43940

    Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9.... Read more

    Affected Products : zynith
    • Published: Aug. 29, 2024
    • Modified: Oct. 10, 2024

  • 6.5

    MEDIUM
    CVE-2024-43939

    Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9.... Read more

    Affected Products : zynith
    • Published: Aug. 29, 2024
    • Modified: Oct. 10, 2024

  • 10.0

    CRITICAL
    CVE-2024-43918

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through 1.9.4.... Read more

    Affected Products : product_table
    • Published: Aug. 29, 2024
    • Modified: Oct. 10, 2024

  • 7.3

    HIGH
    CVE-2024-47610

    InvenTree is an Open Source Inventory Management System. In affected versions of InvenTree it is possible for a registered user to store javascript in markdown notes fields, which are then displayed to other logged in users who visit the same page and exe... Read more

    Affected Products : inventree
    • Published: Oct. 07, 2024
    • Modified: Oct. 10, 2024

  • 5.1

    MEDIUM
    CVE-2024-47973

    In some Solidigm DC Products, a defect in device overprovisioning may provide information disclosure to an attacker.... Read more

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Oct. 10, 2024
Showing 20 of 291219 Results