Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2024-12659

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been classified as problematic. Affected is the function 0x8001E004 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null poi... Read more

    Affected Products : advanced_systemcare_ultimate
    • Published: Dec. 16, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2024-12658

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null point... Read more

    Affected Products : advanced_systemcare_ultimate
    • Published: Dec. 16, 2024
    • Modified: Dec. 19, 2024

  • 7.6

    HIGH
    CVE-2024-8058

    An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Aug. 27, 2025

  • 8.1

    HIGH
    CVE-2024-6001

    An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with elevated privileges.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.8

    HIGH
    CVE-2024-4762

    An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 6.8

    MEDIUM
    CVE-2024-12657

    A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads ... Read more

    Affected Products : advanced_systemcare_ultimate
    • Published: Dec. 16, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2024-12656

    A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The ... Read more

    Affected Products : usb_over_network
    • Published: Dec. 16, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2024-12655

    A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer... Read more

    Affected Products : usb_over_network
    • Published: Dec. 16, 2024
    • Modified: Dec. 19, 2024

  • 5.7

    MEDIUM
    CVE-2024-11358

    Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.2

    CRITICAL
    CVE-2024-11144

    The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user from a remote network. The crash causes the FTP service to become unavailable, affecting all users and processes that rely on it for file transfers. If the crash... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-10095

    In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.... Read more

    Affected Products : ui_for_wpf
    • Published: Dec. 16, 2024
    • Modified: Dec. 18, 2024

  • 4.3

    MEDIUM
    CVE-2024-56003

    Missing Authorization vulnerability in David Cramer Caldera SMTP Mailer.This issue affects Caldera SMTP Mailer: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 5.3

    MEDIUM
    CVE-2024-55999

    Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through 2.0.6.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.5

    HIGH
    CVE-2024-54376

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Spider-themes EazyDocs.This issue affects EazyDocs: from n/a through 2.5.5.... Read more

    Affected Products : eazydocs
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 4.3

    MEDIUM
    CVE-2024-54357

    Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.10.... Read more

    Affected Products : avada
    • Published: Dec. 16, 2024
    • Modified: Apr. 14, 2025

  • 6.5

    MEDIUM
    CVE-2024-54348

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YayCommerce Brand allows Stored XSS.This issue affects Brand: from n/a through 1.1.6.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.1

    CRITICAL
    CVE-2024-54285

    Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.6

    HIGH
    CVE-2024-54284

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.6

    HIGH
    CVE-2024-54283

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-54280

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit allows SQL Injection.This issue affects WPBookit: from n/a through 1.6.0.... Read more

    Affected Products : wpbookit wpbookit
    • Published: Dec. 16, 2024
    • Modified: Jun. 27, 2025
Showing 20 of 292870 Results