Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2024-11918

    The Image Alt Text plugin for WordPress is vulnerable to unauthorized modification of data| due to a missing capability check on the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX actions in all versions up to, and including, 2.0.0. This makes ... Read more

    Affected Products :
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024

  • 5.4

    MEDIUM
    CVE-2024-10896

    The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting... Read more

    Affected Products : gs_logo_slider logo_slider logo_slider
    • Published: Nov. 28, 2024
    • Modified: May. 15, 2025

  • 4.8

    MEDIUM
    CVE-2024-10510

    The adBuddy+ (AdBlocker Detection) by NetfunkDesign WordPress plugin through 1.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilte... Read more

    Affected Products : adbuddy\+_\(adblocker_detection\)
    • Published: Nov. 28, 2024
    • Modified: Jun. 09, 2025

  • 5.4

    MEDIUM
    CVE-2024-10493

    The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is... Read more

    Affected Products : element_pack
    • Published: Nov. 28, 2024
    • Modified: May. 15, 2025

  • 5.4

    MEDIUM
    CVE-2024-10473

    The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo Settings when outputing them in pages where the Logo Slider shortcode is embed, which could allow users with a role as low as Author to perform Cross-Site Scripti... Read more

    Affected Products : gs_logo_slider logo_slider logo_slider
    • Published: Nov. 28, 2024
    • Modified: May. 15, 2025

  • 2.4

    LOW
    CVE-2024-46939

    The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers can construct parameters to perform path traversal attacks, which can overwrite local specific files... Read more

    Affected Products :
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024

  • 5.3

    MEDIUM
    CVE-2024-53008

    Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a res... Read more

    Affected Products : haproxy
    • Published: Nov. 28, 2024
    • Modified: Nov. 28, 2024

  • 7.8

    HIGH
    CVE-2024-38658

    There is an Out-of-bounds read vulnerability in V-Server (v4.0.19.0 and earlier) and V-Server Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.... Read more

    Affected Products : v-server
    • Published: Nov. 28, 2024
    • Modified: Nov. 29, 2024

  • 7.8

    HIGH
    CVE-2024-38389

    There is an Out-of-bounds read vulnerability in TELLUS (v4.0.19.0 and earlier) and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.... Read more

    Affected Products : tellus tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Nov. 29, 2024

  • 7.8

    HIGH
    CVE-2024-38309

    There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2.2.0 and earlier), TELLUS (v4.0.19.0 and earlier), and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitra... Read more

    Affected Products : tellus tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Nov. 29, 2024

  • 8.4

    HIGH
    CVE-2018-9377

    In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n... Read more

    Affected Products : android
    • Published: Nov. 28, 2024
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2024-11933

    Fuji Electric Monitouch V-SFT X1 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction... Read more

    Affected Products : monitouch_v-sft
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11803

    Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction ... Read more

    Affected Products : tellus_lite_v-simulator tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11802

    Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User inte... Read more

    Affected Products : tellus_lite_v-simulator tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11801

    Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction ... Read more

    Affected Products : tellus_lite_v-simulator tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11800

    Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User inte... Read more

    Affected Products : tellus_lite_v-simulator tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11799

    Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User inte... Read more

    Affected Products : tellus_lite_v-simulator tellus_lite
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11798

    Fuji Electric Monitouch V-SFT X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is req... Read more

    Affected Products : monitouch_v-sft
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11797

    Fuji Electric Monitouch V-SFT V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is req... Read more

    Affected Products : monitouch_v-sft
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-11796

    Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is re... Read more

    Affected Products : monitouch_v-sft
    • Published: Nov. 28, 2024
    • Modified: Dec. 03, 2024
Showing 20 of 291647 Results