Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.7

    HIGH
    CVE-2024-51546

    Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 10.0

    CRITICAL
    CVE-2024-51545

    Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 8.8

    HIGH
    CVE-2024-51544

    Service Control vulnerabilities allow access to service restart requests and vm configuration settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 8.8

    HIGH
    CVE-2024-51543

    Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 8.8

    HIGH
    CVE-2024-51542

    Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 8.8

    HIGH
    CVE-2024-51541

    Local File Inclusion vulnerabilities allow access to sensitive system information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.1

    CRITICAL
    CVE-2024-48847

    MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.  Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.3

    HIGH
    CVE-2024-48846

    Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-48845

    Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; ... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.7

    HIGH
    CVE-2024-48844

    Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.7

    HIGH
    CVE-2024-48843

    Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 10.0

    CRITICAL
    CVE-2024-48840

    Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 10.0

    CRITICAL
    CVE-2024-48839

    Improper Input Validation vulnerability allows Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 5.4

    MEDIUM
    CVE-2024-12094

    This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in plaintext on the device database. An attacker with physical access to the rooted device could exploit this vulnerability by accessing its database leading to... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Apr. 15, 2025

  • 10.0

    CRITICAL
    CVE-2024-11317

    Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 8.7

    HIGH
    CVE-2024-11316

    Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 8.2

    HIGH
    CVE-2024-52270

    User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the p... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.5

    HIGH
    CVE-2024-52564

    Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary ... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 7.2

    HIGH
    CVE-2024-47133

    UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands.... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 18, 2024

  • 6.5

    MEDIUM
    CVE-2024-45841

    Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the informat... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 18, 2024
Showing 20 of 293334 Results