Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-49062

    Microsoft SharePoint Information Disclosure Vulnerability... Read more

    • Published: Dec. 12, 2024
    • Modified: Jan. 08, 2025

  • 7.0

    HIGH
    CVE-2024-49059

    Microsoft Office Elevation of Privilege Vulnerability... Read more

    • Published: Dec. 12, 2024
    • Modified: Jan. 08, 2025

  • 8.1

    HIGH
    CVE-2024-49057

    Microsoft Defender for Endpoint on Android Spoofing Vulnerability... Read more

    Affected Products : defender_for_endpoint
    • Published: Dec. 12, 2024
    • Modified: Jan. 08, 2025

  • 7.5

    HIGH
    CVE-2024-47835

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the ... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47834

    GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within th... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.5

    HIGH
    CVE-2024-47778

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, whi... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47777

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset witho... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47776

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size va... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47775

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data befo... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47774

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_avi_subtitle_parse_gab2_chunk function within gstavisubtitle.c. The function reads the name_length value directly from th... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.8

    CRITICAL
    CVE-2024-47615

    GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a r... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.8

    CRITICAL
    CVE-2024-47613

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the dest... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 19, 2024

  • 9.8

    CRITICAL
    CVE-2024-47607

    GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exce... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.8

    CRITICAL
    CVE-2024-47606

    GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, wh... Read more

    Affected Products : debian_linux gstreamer
    • Published: Dec. 12, 2024
    • Modified: Apr. 19, 2025

  • 7.5

    HIGH
    CVE-2024-47603

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matroska-demux.c. The vulnerability occurs when the gst_caps_... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.5

    HIGH
    CVE-2024-47602

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. This function does not properly check the... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.5

    HIGH
    CVE-2024-47601

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not pr... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47600

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the format_channel_mask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a f... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.5

    HIGH
    CVE-2024-47599

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024

  • 9.1

    CRITICAL
    CVE-2024-47598

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn’t properly checked ... Read more

    Affected Products : gstreamer
    • Published: Dec. 12, 2024
    • Modified: Dec. 18, 2024
Showing 20 of 292238 Results