Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-9245

    Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the abi... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: Nov. 22, 2024
    • Modified: Nov. 29, 2024

  • 7.8

    HIGH
    CVE-2024-9244

    Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the abi... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: Nov. 22, 2024
    • Modified: Nov. 29, 2024

  • 7.8

    HIGH
    CVE-2024-9243

    Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerabilit... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: Nov. 22, 2024
    • Modified: Nov. 29, 2024

  • 7.8

    HIGH
    CVE-2024-9114

    FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to expl... Read more

    Affected Products : image_viewer
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 7.8

    HIGH
    CVE-2024-9113

    FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to expl... Read more

    Affected Products : image_viewer
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2024-9112

    FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to expl... Read more

    Affected Products : image_viewer
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2024-8360

    Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication ... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 6.8

    MEDIUM
    CVE-2024-8359

    Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is ... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 6.8

    MEDIUM
    CVE-2024-8358

    Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is n... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-8357

    Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authent... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 8.8

    HIGH
    CVE-2024-8356

    Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. An attacke... Read more

    Affected Products : infotainment
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 6.8

    MEDIUM
    CVE-2024-8355

    Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not requi... Read more

    Affected Products : infotainment infotainment_firmware
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2024-8025

    Nikon NEF Codec Thumbnail Provider NRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nikon NEF Codec. User interaction is requ... Read more

    Affected Products : nef_codec
    • Published: Nov. 22, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-7565

    SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnera... Read more

    Affected Products : soapui
    • Published: Nov. 22, 2024
    • Modified: Dec. 19, 2024

  • 5.5

    MEDIUM
    CVE-2024-7511

    Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp Pro. User interaction is required to ... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7510

    Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerab... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7509

    Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit ... Read more

    Affected Products : sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 7.8

    HIGH
    CVE-2024-7508

    Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is require... Read more

    Affected Products : sketchup_viewer sketchup
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-7392

    ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. Authentication is... Read more

    Affected Products : home_flex_firmware home_flex
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024

  • 5.7

    MEDIUM
    CVE-2024-7391

    ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction i... Read more

    Affected Products : home_flex_firmware home_flex
    • Published: Nov. 22, 2024
    • Modified: Dec. 03, 2024
Showing 20 of 291358 Results