Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2024-44220

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination....

Affected Products : macos
Published: Dec. 12, 2024

Modified: Dec. 18, 2024
5.3

MEDIUM

CVE-2024-44212

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin....

Affected Products : iphone_os tvos watchos safari ipados visionos
Published: Dec. 12, 2024

Modified: Dec. 20, 2024
5.5

MEDIUM

CVE-2024-44201

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service....

Affected Products : macos iphone_os ipados
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
5.5

MEDIUM

CVE-2024-44200

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to read sensitive location information....

Affected Products : iphone_os ipados
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
8.5

HIGH

CVE-2024-42407

Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information to which they have not been granted access. This issue...

Affected Products :
Published: Dec. 12, 2024

Modified: Dec. 12, 2024
4.6

MEDIUM

CVE-2024-41146

Use of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perform a Denial-of-Service attack against HBUS connected devi...

Affected Products :
Published: Dec. 12, 2024

Modified: Dec. 12, 2024
5.4

MEDIUM

CVE-2024-12536

A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/client_data.php. The manipulation of the ar...

Affected Products : advocate_office_management_system
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
5.1

MEDIUM

CVE-2024-12503

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Model Management Page. The manipulation of the argument URL leads to cross site s...

Affected Products : classcms
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
9.8

CRITICAL

CVE-2024-12497

A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument admin_user_name leads to sql injec...

Affected Products : attendance_tracking_management_system
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
8.8

HIGH

CVE-2024-12492

A vulnerability was found in code-projects Farmacia 1.0. It has been rated as critical. This issue affects some unknown processing of the file /visualizar-usuario.php. The manipulation of the argument id leads to sql injection. The attack may be initiated...

Affected Products : farmacia farmacia
Published: Dec. 12, 2024

Modified: Dec. 13, 2024
9.8

CRITICAL

CVE-2024-12490

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /pages/teacher_save.php. The manipulation of the argument salut leads to sql inje...

Affected Products : online_class_and_exam_scheduling_system online_class_and_exam_scheduling_system online_class_and_exam_scheduling_system
Published: Dec. 12, 2024

Modified: Apr. 07, 2025
9.0

CRITICAL

CVE-2024-55884

In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable() in exception_logging/unix.rs, aka MLLVD-CR-24-01. NOTE: a...

Affected Products :
Published: Dec. 12, 2024

Modified: Dec. 12, 2024
8.8

HIGH

CVE-2024-55587

python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract....

Affected Products :
Published: Dec. 12, 2024

Modified: Dec. 12, 2024
9.3

CRITICAL

CVE-2024-50339

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this i...

Affected Products : glpi
Published: Dec. 12, 2024

Modified: Jan. 10, 2025
7.8

HIGH

CVE-2024-49142

Microsoft Access Remote Code Execution Vulnerability...

Affected Products : office access 365_apps office_long_term_servicing_channel
Published: Dec. 12, 2024

Modified: Jan. 17, 2025
7.8

HIGH

CVE-2024-49138

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Actively Exploited

Published: Dec. 12, 2024

Modified: Apr. 28, 2025
8.1

HIGH

CVE-2024-49132

Windows Remote Desktop Services Remote Code Execution Vulnerability...

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +2 more products
Published: Dec. 12, 2024

Modified: Jan. 14, 2025
7.5

HIGH

CVE-2024-49129

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability...

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2025
Published: Dec. 12, 2024

Modified: Jan. 14, 2025
8.1

HIGH

CVE-2024-49128

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2025
Published: Dec. 12, 2024

Modified: May. 13, 2025
8.1

HIGH

CVE-2024-49127

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Dec. 12, 2024

Modified: Jan. 14, 2025

Showing 20 of 292238 Results

1
...
1671
1672
1673
1674
1675
1676
1677
...
14612

Browse by Apps

Latest CVE Feed

6.5

5.3

5.5

5.5

8.5

4.6

5.4

5.1

9.8

8.8

9.8

9.0

8.8

9.3

7.8

7.8

8.1

7.5

8.1

8.1

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable