Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, listed in the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2024-44996

    In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive ->recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursion co...

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 16, 2024
  • 5.5

    MEDIUM
    CVE-2024-34134

    Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this iss...

    Affected Products : macos windows illustrator
    • Published: Aug. 14, 2024
    • Modified: Sep. 16, 2024
  • 5.5

    MEDIUM
    CVE-2024-41873

    Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...

    Affected Products : macos media_encoder windows
    • Published: Sep. 13, 2024
    • Modified: Sep. 16, 2024
  • 5.5

    MEDIUM
    CVE-2024-41872

    Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...

    Affected Products : macos media_encoder windows
    • Published: Sep. 13, 2024
    • Modified: Sep. 16, 2024
  • 5.5

    MEDIUM
    CVE-2024-41870

    Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...

    Affected Products : macos media_encoder windows
    • Published: Sep. 13, 2024
    • Modified: Sep. 16, 2024
  • 7.8

    HIGH
    CVE-2024-39377

    Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

    Affected Products : macos media_encoder windows
    • Published: Sep. 13, 2024
    • Modified: Sep. 16, 2024
  • 8.4

    HIGH
    CVE-2024-6789

    A path traversal issue in an API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows an authenticated user to read files...

    Affected Products : m-files_server
    • Published: Aug. 27, 2024
    • Modified: Sep. 16, 2024
  • 5.5

    MEDIUM
    CVE-2024-44995

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf re...

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 15, 2024
  • 7.8

    HIGH
    CVE-2024-46687

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BU...

    Affected Products : linux_kernel
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 5.5

    MEDIUM
    CVE-2024-46686

    In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold....

    Affected Products : linux_kernel
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 5.5

    MEDIUM
    CVE-2024-46685

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against ...

    Affected Products : linux_kernel
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 9.8

    CRITICAL
    CVE-2024-8762

    A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatedata.php. The manipulation of the argument sid leads to sql injection. It is possible to initiate the...

    Affected Products : crud_operation_system
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 8.1

    HIGH
    CVE-2024-8754

    An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows an attacker to squat on accounts via linking arbitrary unclaimed provid...

    Affected Products : gitlab
    • Published: Sep. 12, 2024
    • Modified: Sep. 14, 2024
  • 6.7

    MEDIUM
    CVE-2024-45105

    An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code....

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 6.7

    MEDIUM
    CVE-2024-3100

    A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code....

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 7.2

    HIGH
    CVE-2024-8279

    A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads....

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 6.8

    MEDIUM
    CVE-2024-45101

    A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that could allow an attacker to intercept a valid, authenticated LXCA user’s XCC session if they can convince the user to click on a specially crafted URL....

    Affected Products : xclarity_administrator
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 4.3

    MEDIUM
    CVE-2024-8059

    IPMI credentials may be captured in XCC audit log entries when the account username length is 16 characters....

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 8.8

    HIGH
    CVE-2024-45368

    The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets...

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
  • 7.2

    HIGH
    CVE-2024-8281

    An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell....

    Affected Products :
    • Published: Sep. 13, 2024
    • Modified: Sep. 14, 2024
Showing 20 of 292721 Results