Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2024-49597

    Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection m... Read more

    Affected Products : wyse_management_suite
    • Published: Nov. 26, 2024
    • Modified: Feb. 04, 2025

  • 6.5

    MEDIUM
    CVE-2024-49596

    Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion... Read more

    Affected Products : wyse_management_suite
    • Published: Nov. 26, 2024
    • Modified: Feb. 04, 2025

  • 7.6

    HIGH
    CVE-2024-49595

    Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.... Read more

    Affected Products : wyse_management_suite
    • Published: Nov. 26, 2024
    • Modified: Feb. 04, 2025

  • 5.4

    MEDIUM
    CVE-2024-11678

    A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /backend/doc/his_doc_register_patient.php. The manipulation of the argument pat_fname/pat_ailme... Read more

    Affected Products : hospital_management_system
    • Published: Nov. 26, 2024
    • Modified: Dec. 04, 2024

  • 5.4

    MEDIUM
    CVE-2024-11677

    A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /backend/admin/his_admin_add_vendor.php of the component Add Vendor Details Page. The manipulation of th... Read more

    Affected Products : hospital_management_system
    • Published: Nov. 26, 2024
    • Modified: Dec. 04, 2024

  • 8.8

    HIGH
    CVE-2024-10729

    The Booking & Appointment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_google_calendar_data' function in versions up to, and including, 6.9.0. This makes it p... Read more

    Affected Products :
    • Published: Nov. 26, 2024
    • Modified: Nov. 26, 2024

  • 8.8

    HIGH
    CVE-2024-52899

    IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server.... Read more

    • Published: Nov. 26, 2024
    • Modified: Aug. 04, 2025

  • 5.4

    MEDIUM
    CVE-2024-11676

    A vulnerability was found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /backend/admin/his_admin_add_lab_equipment.php of the component Add Laboratory Equipment ... Read more

    Affected Products : hospital_management_system
    • Published: Nov. 26, 2024
    • Modified: Dec. 04, 2024

  • 5.4

    MEDIUM
    CVE-2024-11675

    A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/his_admin_register_patient.php of the component Add Patient Det... Read more

    • Published: Nov. 26, 2024
    • Modified: Dec. 04, 2024

  • 8.1

    HIGH
    CVE-2024-53843

    @dapperduckling/keycloak-connector-server is an opinionated series of libraries for Node.js applications and frontend clients to interface with keycloak. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the authentication flow of the... Read more

    Affected Products :
    • Published: Nov. 26, 2024
    • Modified: Nov. 26, 2024

  • 8.8

    HIGH
    CVE-2024-11674

    A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted ... Read more

    Affected Products : hospital_management_system
    • Published: Nov. 26, 2024
    • Modified: Dec. 04, 2024

  • 6.9

    MEDIUM
    CVE-2024-11673

    A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore Management System 1.0. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. ... Read more

    Affected Products : bookstore_management_system
    • Published: Nov. 25, 2024
    • Modified: Dec. 04, 2024

  • 6.3

    MEDIUM
    CVE-2024-53597

    masterstack_imgcap v0.0.1 was discovered to contain a SQL injection vulnerability via the endpoint /submit.... Read more

    Affected Products :
    • Published: Nov. 25, 2024
    • Modified: Nov. 27, 2024

  • 8.0

    HIGH
    CVE-2024-53554

    A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details.... Read more

    Affected Products :
    • Published: Nov. 25, 2024
    • Modified: Nov. 26, 2024

  • 5.5

    MEDIUM
    CVE-2024-53101

    In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Dec. 19, 2024

  • 4.7

    MEDIUM
    CVE-2024-53100

    In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->q... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Dec. 24, 2024

  • 7.1

    HIGH
    CVE-2024-53099

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-b... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Jan. 09, 2025

  • 7.8

    HIGH
    CVE-2024-53098

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address access_ok() only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. (cherry pic... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Dec. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-53097

    In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: krealloc: consider spare memory for __GFP_ZERO") which causes M... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Dec. 24, 2024

  • 7.8

    HIGH
    CVE-2024-53096

    In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise an... Read more

    Affected Products : linux_kernel
    • Published: Nov. 25, 2024
    • Modified: Jan. 07, 2025
Showing 20 of 291401 Results