Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2024-40479

    A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter.... Read more

    Affected Products :
    • Published: Aug. 12, 2024
    • Modified: Aug. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-34788

    An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information... Read more

    Affected Products : endpoint_manager_mobile
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 7.7

    HIGH
    CVE-2024-42347

    matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs ... Read more

    Affected Products : matrix-react-sdk matrix-react-sdk
    • Published: Aug. 06, 2024
    • Modified: Aug. 12, 2024

  • 6.3

    MEDIUM
    CVE-2024-41677

    Qwik is a performance focused javascript framework. A potential mutation XSS vulnerability exists in Qwik for versions up to but not including 1.6.0. Qwik improperly escapes HTML on server-side rendering. It converts strings according to the rules found i... Read more

    Affected Products : qwik
    • Published: Aug. 06, 2024
    • Modified: Aug. 12, 2024

  • 8.5

    HIGH
    CVE-2024-7502

    A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code.... Read more

    Affected Products : diascreen
    • Published: Aug. 06, 2024
    • Modified: Aug. 12, 2024

  • 6.2

    MEDIUM
    CVE-2024-42358

    PDFio is a simple C library for reading and writing PDF files. There is a denial of service (DOS) vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also ... Read more

    Affected Products : pdfio pdfio
    • Published: Aug. 06, 2024
    • Modified: Aug. 12, 2024

  • 6.7

    MEDIUM
    CVE-2024-31201

    A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.... Read more

    Affected Products : thermoscan_ip
    • Published: Jul. 31, 2024
    • Modified: Aug. 12, 2024

  • 8.4

    HIGH
    CVE-2024-34620

    Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 8.8

    HIGH
    CVE-2024-34619

    Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 4.0

    MEDIUM
    CVE-2024-34618

    Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 4.0

    MEDIUM
    CVE-2024-34617

    Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34616

    Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 7.8

    HIGH
    CVE-2024-34615

    Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 7.8

    HIGH
    CVE-2024-34614

    Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34613

    Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch.... Read more

    Affected Products : android dex wear_os
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 7.8

    HIGH
    CVE-2024-34612

    Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34611

    Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-34610

    Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 6.2

    MEDIUM
    CVE-2024-34609

    Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024

  • 6.2

    MEDIUM
    CVE-2024-34608

    Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.... Read more

    Affected Products : android android dex
    • Published: Aug. 07, 2024
    • Modified: Aug. 12, 2024
Showing 20 of 291170 Results