Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.3

    HIGH
    CVE-2023-7263

    Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been ass... Read more

    Affected Products :
    • Published: Dec. 28, 2024
    • Modified: Dec. 28, 2024

  • 4.0

    MEDIUM
    CVE-2022-48470

    Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned... Read more

    Affected Products :
    • Published: Dec. 28, 2024
    • Modified: Dec. 28, 2024

  • 7.8

    HIGH
    CVE-2021-37000

    Some Huawei wearables have a permission management vulnerability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 28, 2024
    • Modified: Mar. 18, 2025

  • 7.5

    HIGH
    CVE-2021-22484

    Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).... Read more

    Affected Products : harmonyos
    • Published: Dec. 28, 2024
    • Modified: Mar. 18, 2025

  • 5.3

    MEDIUM
    CVE-2020-1824

    There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more

    • Published: Dec. 28, 2024
    • Modified: Jan. 13, 2025

  • 5.3

    MEDIUM
    CVE-2020-1823

    There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more

    • Published: Dec. 28, 2024
    • Modified: Jan. 13, 2025

  • 5.3

    MEDIUM
    CVE-2020-1822

    There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more

    • Published: Dec. 28, 2024
    • Modified: Jan. 13, 2025

  • 5.3

    MEDIUM
    CVE-2020-1821

    There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more

    • Published: Dec. 28, 2024
    • Modified: Jan. 13, 2025

  • 5.3

    MEDIUM
    CVE-2020-1820

    There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more

    • Published: Dec. 28, 2024
    • Modified: Jan. 13, 2025

  • 7.8

    HIGH
    CVE-2024-46973

    Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.... Read more

    Affected Products : ddk
    • Published: Dec. 28, 2024
    • Modified: Dec. 28, 2024

  • 7.8

    HIGH
    CVE-2024-46972

    Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.... Read more

    Affected Products : ddk
    • Published: Dec. 28, 2024
    • Modified: Mar. 13, 2025

  • 7.8

    HIGH
    CVE-2024-43705

    Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.... Read more

    Affected Products : ddk
    • Published: Dec. 28, 2024
    • Modified: Dec. 28, 2024

  • 4.8

    MEDIUM
    CVE-2024-54775

    Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting (XSS) vulnerability via /admin/auth/menu and /admin/auth/extensions.... Read more

    Affected Products : dcat_admin
    • Published: Dec. 27, 2024
    • Modified: Apr. 22, 2025

  • 4.8

    MEDIUM
    CVE-2024-54774

    Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in /admin/articles/create.... Read more

    Affected Products : dcat_admin
    • Published: Dec. 27, 2024
    • Modified: Apr. 21, 2025

  • 7.5

    HIGH
    CVE-2024-50714

    A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component.... Read more

    Affected Products :
    • Published: Dec. 27, 2024
    • Modified: Dec. 28, 2024

  • 9.8

    CRITICAL
    CVE-2024-50717

    SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component.... Read more

    Affected Products : smart_agent
    • Published: Dec. 27, 2024
    • Modified: Apr. 18, 2025

  • 9.8

    CRITICAL
    CVE-2024-50716

    SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component.... Read more

    Affected Products : smart_agent
    • Published: Dec. 27, 2024
    • Modified: Apr. 21, 2025

  • 7.5

    HIGH
    CVE-2024-50715

    An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via command injection through a vulnerable unsanitized parameter defined in the /youtubeInfo.php component.... Read more

    Affected Products : smart_agent
    • Published: Dec. 27, 2024
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2024-50713

    SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php.... Read more

    Affected Products : smart_agent
    • Published: Dec. 27, 2024
    • Modified: Apr. 21, 2025

  • 9.3

    CRITICAL
    CVE-2024-56732

    HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function.... Read more

    Affected Products : harfbuzz
    • Published: Dec. 27, 2024
    • Modified: Dec. 28, 2024
Showing 20 of 293620 Results