Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.4

    CRITICAL
    CVE-2024-39815

    Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of serv... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 9.9

    CRITICAL
    CVE-2024-37023

    Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpo... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 8.8

    HIGH
    CVE-2024-29082

    Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device vi... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-41161

    Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administra... Read more

    • Published: Aug. 08, 2024
    • Modified: Aug. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-42032

    Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 08, 2024
    • Modified: Aug. 20, 2024

  • 6.2

    MEDIUM
    CVE-2024-42030

    Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Aug. 08, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-42001

    An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafte... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 8.7

    HIGH
    CVE-2024-41936

    A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.... Read more

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024

  • 7.8

    HIGH
    CVE-2024-5915

    A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.... Read more

    Affected Products : globalprotect
    • Published: Aug. 14, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-5914

    A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container.... Read more

    Affected Products : cortex_xsoar_commonscripts
    • Published: Aug. 14, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-43399

    Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extr... Read more

    Affected Products : mobile_security_framework
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-7922

    A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 a... Read more

    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.1

    CRITICAL
    CVE-2024-38891

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.... Read more

    Affected Products : caterease
    • Published: Aug. 02, 2024
    • Modified: Aug. 20, 2024

  • 8.8

    HIGH
    CVE-2024-42633

    A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.... Read more

    Affected Products : e1500_firmware e1500
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-38887

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary priv... Read more

    Affected Products : caterease
    • Published: Aug. 02, 2024
    • Modified: Aug. 20, 2024

  • 7.5

    HIGH
    CVE-2024-6348

    Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests.... Read more

    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 7.8

    HIGH
    CVE-2024-32927

    In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 7.5

    HIGH
    CVE-2024-42657

    An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process... Read more

    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-42658

    An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter... Read more

    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024

  • 9.0

    CRITICAL
    CVE-2024-43400

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engin... Read more

    Affected Products : xwiki
    • Published: Aug. 19, 2024
    • Modified: Aug. 20, 2024
Showing 20 of 291275 Results