Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2024-38264

    Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 19, 2024

  • 8.8

    HIGH
    CVE-2024-38255

    SQL Server Native Client Remote Code Execution Vulnerability... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 18, 2024

  • 6.2

    MEDIUM
    CVE-2024-38203

    Windows Package Library Manager Information Disclosure Vulnerability... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 18, 2024

  • 8.8

    HIGH
    CVE-2024-21976

    Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.... Read more

    Affected Products : ryzen_ai_software
    • Published: Nov. 12, 2024
    • Modified: Aug. 26, 2025

  • 8.8

    HIGH
    CVE-2024-21975

    Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.... Read more

    Affected Products : ryzen_ai_software
    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 8.8

    HIGH
    CVE-2024-21974

    Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.... Read more

    Affected Products : ryzen_ai_software
    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 7.3

    HIGH
    CVE-2024-21958

    Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products : provisioning_console
    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.3

    HIGH
    CVE-2024-21957

    Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    Affected Products : management_console
    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-21949

    Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash.... Read more

    Affected Products : ryzen_ai_software
    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 7.3

    HIGH
    CVE-2024-21946

    Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.3

    HIGH
    CVE-2024-21945

    Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.3

    HIGH
    CVE-2024-21939

    Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    Affected Products : cloud_manageability_service
    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-21938

    Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products : management_plugin_for_sccm
    • Published: Nov. 12, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-21937

    Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 27, 2024

  • 9.8

    CRITICAL
    CVE-2024-11138

    A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlink_add.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate ... Read more

    Affected Products : dedecms
    • Published: Nov. 12, 2024
    • Modified: Dec. 10, 2024

  • 6.5

    MEDIUM
    CVE-2024-9999

    In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.... Read more

    Affected Products :
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-9843

    A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.... Read more

    Affected Products : macos secure_access_client
    • Published: Nov. 12, 2024
    • Modified: Jan. 17, 2025

  • 7.3

    HIGH
    CVE-2024-9842

    Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.... Read more

    Affected Products : windows secure_access_client
    • Published: Nov. 12, 2024
    • Modified: Jan. 17, 2025

  • 7.1

    HIGH
    CVE-2024-8539

    Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.... Read more

    • Published: Nov. 12, 2024
    • Modified: Jan. 17, 2025

  • 7.8

    HIGH
    CVE-2024-7571

    Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.... Read more

    Affected Products : windows secure_access_client
    • Published: Nov. 12, 2024
    • Modified: Jan. 17, 2025
Showing 20 of 291804 Results