Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-44933

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl() A recent commit has modified the code in __bnxt_reserve_rings() to set the default RSS indirection table to default only whe... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 7.8

    HIGH
    CVE-2024-44934

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bridge doesn't make sure that all previous garbage has been... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 5.5

    MEDIUM
    CVE-2022-48924

    In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400_notify() It is easy to hit the below memory leaks in my TigerLake platform: unreferenced object 0xffff927c8b91dbc0 (size 32): comm "kwork... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 27, 2024

  • 7.8

    HIGH
    CVE-2022-48919

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delaye... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 27, 2024

  • 5.5

    MEDIUM
    CVE-2022-48918

    In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses an invalid/unchecked debugfs_dir pointer and causes a BUG... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 27, 2024

  • 5.5

    MEDIUM
    CVE-2022-48915

    In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-41285

    A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path.... Read more

    Affected Products : fw300r_firmware fw300r
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-8170

    A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possib... Read more

    Affected Products : zipped_folder_manager_app
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-8171

    A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argument title leads to sql injection. The attack can be initia... Read more

    Affected Products : tailoring_management_system
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 6.1

    MEDIUM
    CVE-2024-8172

    A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Attendance System 1.0. This issue affects some unknown processing of the file /endpoint/delete-student.php. The manipulation of the argument student/attendance ... Read more

    Affected Products : qr_code_attendance_system
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 4.3

    MEDIUM
    CVE-2024-43336

    Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User Manager: from n/a through 2.9.10.... Read more

    Affected Products : wp_user_manager
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 4.3

    MEDIUM
    CVE-2024-43337

    Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects Brave Popup Builder: from n/a through 0.7.0.... Read more

    Affected Products : brave
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 6.1

    MEDIUM
    CVE-2024-43339

    Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.... Read more

    Affected Products : webinarpress
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 4.3

    MEDIUM
    CVE-2024-43340

    Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This issue affects Advanced Form Integration: from n/a through 1.89.4.... Read more

    Affected Products : advanced_form_integration
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 4.3

    MEDIUM
    CVE-2024-43356

    Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a through 4.12.0.... Read more

    Affected Products : oik
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-8138

    A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argume... Read more

    • Published: Aug. 25, 2024
    • Modified: Aug. 27, 2024

  • 6.1

    MEDIUM
    CVE-2024-8137

    A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file search_user.php. The manipulation of the argument search leads to cross site scripting. The at... Read more

    Affected Products : record_management_system
    • Published: Aug. 24, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-45237

    An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort write... Read more

    Affected Products : fort-validator
    • Published: Aug. 24, 2024
    • Modified: Aug. 27, 2024

  • 6.1

    MEDIUM
    CVE-2024-8136

    A vulnerability, which was classified as problematic, was found in SourceCodester Record Management System 1.0. This affects an unknown part of the file sort1_user.php. The manipulation of the argument position leads to cross site scripting. It is possibl... Read more

    Affected Products : record_management_system
    • Published: Aug. 24, 2024
    • Modified: Aug. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-8135

    A vulnerability classified as critical has been found in Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310. Affected is the function Sign of the file pkg/token/token.go. The manipulation of the argument config.key leads to hard-coded credent... Read more

    Affected Products : gotribe
    • Published: Aug. 24, 2024
    • Modified: Aug. 27, 2024
Showing 20 of 291601 Results