Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-48888

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path of_icc_get() alloc resources for path1, we should release it when not need anymore. Early return when IS_ERR_OR_NULL(pat... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Aug. 29, 2024

  • 7.8

    HIGH
    CVE-2022-48892

    In the Linux kernel, the following vulnerability has been resolved: sched/core: Fix use-after-free bug in dup_user_cpus_ptr() Since commit 07ec77a1d4e8 ("sched: Allow task CPU affinity to be restricted on asymmetric systems"), the setting and clearing o... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8225

    A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is poss... Read more

    Affected Products : g3_firmware g3
    • Published: Aug. 27, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8226

    A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. Th... Read more

    Affected Products : o1_firmware o1
    • Published: Aug. 28, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8227

    A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhc... Read more

    Affected Products : o1_firmware o1
    • Published: Aug. 28, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8228

    A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer ove... Read more

    Affected Products : o5_firmware o5
    • Published: Aug. 28, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8229

    A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-based buffer overf... Read more

    Affected Products : o6_firmware o6
    • Published: Aug. 28, 2024
    • Modified: Aug. 29, 2024

  • 9.8

    CRITICAL
    CVE-2024-8230

    A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer ov... Read more

    Affected Products : o6_firmware o6
    • Published: Aug. 28, 2024
    • Modified: Aug. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-42438

    Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-42439

    Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 29, 2024

  • 6.7

    MEDIUM
    CVE-2024-42440

    Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 28, 2024

  • 6.7

    MEDIUM
    CVE-2024-42441

    Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 28, 2024

  • 8.8

    HIGH
    CVE-2024-7969

    Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)... Read more

    Affected Products : chrome edge_chromium
    • Published: Aug. 21, 2024
    • Modified: Aug. 28, 2024

  • 5.9

    MEDIUM
    CVE-2024-31905

    IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information usin... Read more

    Affected Products : qradar_network_packet_capture
    • Published: Aug. 15, 2024
    • Modified: Aug. 28, 2024

  • 6.2

    MEDIUM
    CVE-2024-7867

    In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.... Read more

    Affected Products : xpdf
    • Published: Aug. 15, 2024
    • Modified: Aug. 28, 2024

  • 9.8

    CRITICAL
    CVE-2024-42466

    Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.... Read more

    Affected Products : upkeeper_manager upkeeper_manager
    • Published: Aug. 16, 2024
    • Modified: Aug. 28, 2024

  • 10.0

    CRITICAL
    CVE-2024-42462

    Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9.... Read more

    Affected Products : upkeeper_manager
    • Published: Aug. 16, 2024
    • Modified: Aug. 28, 2024

  • 8.6

    HIGH
    CVE-2024-42463

    Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.... Read more

    Affected Products : upkeeper_manager
    • Published: Aug. 16, 2024
    • Modified: Aug. 28, 2024

  • 7.6

    HIGH
    CVE-2024-42464

    Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9.... Read more

    Affected Products : upkeeper_manager
    • Published: Aug. 16, 2024
    • Modified: Aug. 28, 2024

  • 9.8

    CRITICAL
    CVE-2024-42465

    Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.... Read more

    Affected Products : upkeeper_manager
    • Published: Aug. 16, 2024
    • Modified: Aug. 28, 2024
Showing 20 of 291737 Results