Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2024-38652

    Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.... Read more

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.5

    HIGH
    CVE-2024-37399

    A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.... Read more

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.2

    HIGH
    CVE-2024-37373

    Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.... Read more

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.5

    HIGH
    CVE-2024-36136

    An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.... Read more

    Affected Products : avalanche
    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.8

    HIGH
    CVE-2024-39422

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.8

    HIGH
    CVE-2024-39423

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue re... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.8

    HIGH
    CVE-2024-39424

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.0

    HIGH
    CVE-2024-39425

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local ... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.8

    HIGH
    CVE-2024-39426

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An atta... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.8

    HIGH
    CVE-2024-41831

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-41833

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitig... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-41834

    Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitig... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33993

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in /candidate/index.php'.... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33992

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'vi... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33991

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'vi... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33990

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33989

    Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser... Read more

    Affected Products : school_event_management_system
    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33985

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33986

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024

  • 7.1

    HIGH
    CVE-2024-33987

    Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie vi... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 15, 2024
Showing 20 of 290026 Results