Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-9113

    FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to expl... Read more

    Affected Products : image_viewer
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2024-9112

    FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to expl... Read more

    Affected Products : image_viewer
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2024-8360

    Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication ... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 6.8

    MEDIUM
    CVE-2024-8359

    Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is ... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 6.8

    MEDIUM
    CVE-2024-8358

    Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is n... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-8357

    Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authent... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 8.8

    HIGH
    CVE-2024-8356

    Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. An attacke... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 6.8

    MEDIUM
    CVE-2024-8355

    Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not requi... Read more

    Affected Products : infotainment infotainment_firmware
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2024-8025

    Nikon NEF Codec Thumbnail Provider NRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nikon NEF Codec. User interaction is requ... Read more

    Affected Products : nef_codec
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-7565

    SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnera... Read more

    Affected Products : soapui
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 5.5

    MEDIUM
    CVE-2024-7511

    Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp Pro. User interaction is required to ... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7510

    Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerab... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7509

    Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit ... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7508

    Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is require... Read more

    Affected Products : sketchup_viewer sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-7392

    ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. Authentication is... Read more

    Affected Products : home_flex_firmware home_flex
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 5.7

    MEDIUM
    CVE-2024-7391

    ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction i... Read more

    Affected Products : home_flex_firmware home_flex
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7352

    PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this... Read more

    Affected Products : pdf-xchange_editor
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 7.8

    HIGH
    CVE-2024-7253

    NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileg... Read more

    Affected Products : nomachine
    • Published: Nov. 22, 2024
    • Modified: May. 21, 2025

  • 7.8

    HIGH
    CVE-2024-7245

    Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability ... Read more

    Affected Products : panda_dome
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 7.8

    HIGH
    CVE-2024-7244

    Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-pri... Read more

    Affected Products : panda_dome
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024
Showing 20 of 291274 Results