Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-39457

    Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 5.3

    MEDIUM
    CVE-2023-39458

    Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Au... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 7.8

    HIGH
    CVE-2023-39459

    Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. User interaction is... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 7.2

    HIGH
    CVE-2023-39460

    Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although ... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 4.4

    MEDIUM
    CVE-2023-39461

    Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Ga... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 3.8

    LOW
    CVE-2024-30142

    HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 6.5

    MEDIUM
    CVE-2023-39462

    Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is requir... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 7.2

    HIGH
    CVE-2023-39463

    Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data ... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 7.2

    HIGH
    CVE-2023-39464

    Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although ... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-30141

    HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticement information or expose information about its environment, users, or associated data.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 7.5

    HIGH
    CVE-2023-39465

    Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gatewa... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 5.3

    MEDIUM
    CVE-2023-39466

    Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 5.3

    MEDIUM
    CVE-2023-39467

    Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is no... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 5.4

    MEDIUM
    CVE-2024-30140

    HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 7.2

    HIGH
    CVE-2023-39468

    Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCA... Read more

    Affected Products : scada_data_gateway
    • Published: May. 03, 2024
    • Modified: Jun. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-30126

    HCL BigFix Compliance is affected by a missing X-Frame-Options HTTP header which can allow an attacker to create a malicious website that embeds the target website in a frame or iframe, tricking users into performing actions on the target website without ... Read more

    Affected Products : bigfix_compliance
    • Published: Jul. 18, 2024
    • Modified: Jun. 17, 2025

  • 6.2

    MEDIUM
    CVE-2024-30125

    HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.... Read more

    Affected Products : bigfix_compliance
    • Published: Jul. 18, 2024
    • Modified: Jun. 17, 2025

  • 6.2

    MEDIUM
    CVE-2024-22734

    An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.... Read more

    Affected Products : trux_waste_management
    • Published: Apr. 12, 2024
    • Modified: Jun. 17, 2025

  • 8.8

    HIGH
    CVE-2024-30850

    An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go... Read more

    Affected Products : chaos
    • Published: Apr. 12, 2024
    • Modified: Jun. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-22526

    Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file.... Read more

    Affected Products : bandiview
    • Published: Apr. 12, 2024
    • Modified: Jun. 17, 2025
Showing 20 of 293562 Results