Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2024-36494

    Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser pa... Read more

    Affected Products :
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 4.7

    MEDIUM
    CVE-2024-28142

    Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page (/cgi/uset.cgi?-cfilename) in the User Settings menu improperly filters the "file name... Read more

    Affected Products :
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 4.4

    MEDIUM
    CVE-2024-12271

    The 360 Javascript Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ref’ parameter in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping. This makes it possible for authent... Read more

    Affected Products :
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 6.4

    MEDIUM
    CVE-2024-9387

    An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could potentially perform an open redirect against a given releases API endpoint.... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 4.3

    MEDIUM
    CVE-2024-9367

    An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) co... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 5.4

    MEDIUM
    CVE-2024-8647

    An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was ena... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 7.5

    HIGH
    CVE-2024-8233

    An issue has been discovered in GitLab CE/EE affecting all versions from 9.4 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could cause a denial of service with requests for diff files on a commit or merge request.... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 5.4

    MEDIUM
    CVE-2024-8179

    An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled.... Read more

    Affected Products : gitlab
    • Published: Dec. 12, 2024
    • Modified: Jul. 11, 2025

  • 7.5

    HIGH
    CVE-2024-54117

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54116

    Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54115

    Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54114

    Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54113

    Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54112

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54111

    Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54110

    Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54109

    Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54108

    Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54107

    Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-54106

    Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.... Read more

    Affected Products : harmonyos
    • Published: Dec. 12, 2024
    • Modified: Dec. 12, 2024
Showing 20 of 292650 Results