Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.6

    CVSS31
    CVE-2023-50355

    HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack.... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 0.0

    NONE
    CVE-2024-48213

    RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 0.0

    NONE
    CVE-2024-40432

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS.... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 0.0

    NONE
    CVE-2024-40431

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10301

    A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata l... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10300

    A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-48964

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directo... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 7.5

    CVSS31
    CVE-2024-48963

    The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10299

    A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argume... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.7

    CVSS31
    CVE-2024-10298

    A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argumen... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 0.0

    NONE
    CVE-2024-9949

    Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application.... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-20526

    A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 8.6

    CVSS31
    CVE-2024-20495

    A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 8.6

    CVSS31
    CVE-2024-20494

    A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulti... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.3

    CVSS31
    CVE-2024-20493

    A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny fu... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 6.0

    CVSS31
    CVE-2024-20485

    A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-le... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 6.5

    CVSS31
    CVE-2024-20482

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. To e... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 5.8

    CVSS31
    CVE-2024-20481

    A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 4.3

    CVSS31
    CVE-2024-20474

    A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer und... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024

  • 6.5

    CVSS31
    CVE-2024-20473

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the ... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 23, 2024
Showing 20 of 200 Results