Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2024-21807

    Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.0

    HIGH
    CVE-2024-24983

    Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-21766

    Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : oneapi_math_kernel_library
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-25939

    Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 4.6

    MEDIUM
    CVE-2023-48361

    Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 5.9

    MEDIUM
    CVE-2023-35123

    Uncaught exception in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.8

    HIGH
    CVE-2023-42667

    Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-28953

    Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.0

    HIGH
    CVE-2024-38106

    Windows Kernel Elevation of Privilege Vulnerability... Read more

    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 8.8

    HIGH
    CVE-2024-42738

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 6.8

    MEDIUM
    CVE-2024-41711

    A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an unauthenticated attacker with physical access to the phone to conduct an argument inject... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 7.5

    HIGH
    CVE-2024-38178

    Scripting Engine Memory Corruption Vulnerability... Read more

    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 7.8

    HIGH
    CVE-2024-38107

    Windows Power Dependency Coordinator Elevation of Privilege Vulnerability... Read more

    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 8.8

    HIGH
    CVE-2024-42739

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 6.5

    MEDIUM
    CVE-2024-38213

    Windows Mark of the Web Security Feature Bypass Vulnerability... Read more

    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 8.4

    HIGH
    CVE-2024-39401

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin ... Read more

    Affected Products : commerce magento
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 8.1

    HIGH
    CVE-2024-39400

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the co... Read more

    Affected Products : commerce magento
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.7

    HIGH
    CVE-2024-39399

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged atta... Read more

    Affected Products : commerce magento
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.4

    HIGH
    CVE-2024-39398

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerabil... Read more

    Affected Products : commerce magento
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 9.0

    CRITICAL
    CVE-2024-39397

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulner... Read more

    Affected Products : commerce magento
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
Showing 20 of 291275 Results