Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2023-52948

    Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.... Read more

    Affected Products : active_backup_for_business_agent
    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 4.0

    MEDIUM
    CVE-2023-52947

    Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to op... Read more

    Affected Products : active_backup_for_business_agent
    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 5.8

    MEDIUM
    CVE-2021-22518

    A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0... Read more

    Affected Products : identity_manager_azuread_driver
    • Published: Sep. 12, 2024
    • Modified: Oct. 02, 2024

  • 7.5

    HIGH
    CVE-2022-26322

    Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200.... Read more

    Affected Products : identity_manager_rest_driver
    • Published: Sep. 12, 2024
    • Modified: Oct. 02, 2024

  • 9.8

    CRITICAL
    CVE-2024-45823

    CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate ad... Read more

    Affected Products : factorytalk_batch_view
    • Published: Sep. 12, 2024
    • Modified: Oct. 02, 2024

  • 9.0

    CRITICAL
    CVE-2024-0132

    NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use case... Read more

    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 4.1

    MEDIUM
    CVE-2024-0133

    NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful... Read more

    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 8.7

    HIGH
    CVE-2024-45825

    CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.... Read more

    Affected Products : 5015-u8ihft_firmware 5015-u8ihft
    • Published: Sep. 12, 2024
    • Modified: Oct. 02, 2024

  • 8.8

    HIGH
    CVE-2024-45826

    CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file.... Read more

    Affected Products : thinmanager
    • Published: Sep. 12, 2024
    • Modified: Oct. 02, 2024

  • 7.5

    HIGH
    CVE-2024-9199

    Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service (DoS).... Read more

    Affected Products : clibo_manager
    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 7.6

    HIGH
    CVE-2024-9198

    Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile picture.... Read more

    Affected Products : clibo_manager
    • Published: Sep. 26, 2024
    • Modified: Oct. 02, 2024

  • 4.8

    MEDIUM
    CVE-2024-3635

    The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is... Read more

    Affected Products : the_post_grid
    • Published: Sep. 30, 2024
    • Modified: Oct. 02, 2024

  • 8.1

    HIGH
    CVE-2021-27916

    Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete files other than those in the media folders such as system ... Read more

    Affected Products : mautic
    • Published: Sep. 17, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46824

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cache_invalidate_user ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46829

    In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held and in the deadlo... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 7.8

    HIGH
    CVE-2024-46831

    In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcap_del_rule.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46835

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix smatch static checker warning adev->gfx.imu.funcs could be NULL... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46822

    In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if wa... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46808

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range [Why & How] ASSERT if return NULL from kcalloc.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 7.8

    HIGH
    CVE-2024-46844

    In the Linux kernel, the following vulnerability has been resolved: um: line: always fill *error_out in setup_one_line() The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024
Showing 20 of 291205 Results