Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-50558

    A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M8... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-50557

    A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M8... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 6.9

    MEDIUM
    CVE-2024-50313

    A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.7 only if the basic authentication mechanism is used by... Read more

    Affected Products : mendix
    • Published: Nov. 12, 2024
    • Modified: Aug. 27, 2025

  • 8.7

    HIGH
    CVE-2024-50310

    A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesy... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.3

    HIGH
    CVE-2024-47942

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the sy... Read more

    Affected Products : solid_edge_se2024
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-47941

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attack... Read more

    Affected Products : solid_edge_se2024
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-47940

    A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attack... Read more

    Affected Products : solid_edge_se2024
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 8.4

    HIGH
    CVE-2024-47808

    A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an... Read more

    Affected Products : sinec_nms
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 8.5

    HIGH
    CVE-2024-47783

    A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the servic... Read more

    Affected Products : siport_mp siport
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 6.3

    MEDIUM
    CVE-2024-46894

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to ... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Aug. 20, 2025

  • 8.1

    HIGH
    CVE-2024-46892

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an auth... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 7.5

    HIGH
    CVE-2024-46891

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logg... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Aug. 20, 2025

  • 9.4

    CRITICAL
    CVE-2024-46890

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privilege... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 6.9

    MEDIUM
    CVE-2024-46889

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key materia... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 9.9

    CRITICAL
    CVE-2024-46888

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipu... Read more

    Affected Products : sinec_ins
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 10.0

    CRITICAL
    CVE-2024-44102

    A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with... Read more

    Affected Products : telecontrol_server_basic
    • Published: Nov. 12, 2024
    • Modified: Nov. 13, 2024

  • 8.2

    HIGH
    CVE-2024-36140

    A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). The user accounts tab of affected devices is vulnerable to stored cross-site scripting (XSS) attacks. This could allow an authenticated remote attacker t... Read more

    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 8.5

    HIGH
    CVE-2024-29119

    A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.... Read more

    Affected Products : spectrum_power_7
    • Published: Nov. 12, 2024
    • Modified: Nov. 15, 2024

  • 7.5

    HIGH
    CVE-2024-11123

    A vulnerability, which was classified as problematic, was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path tra... Read more

    Affected Products : lingdang_crm
    • Published: Nov. 12, 2024
    • Modified: Aug. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-11122

    A vulnerability, which was classified as critical, has been found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the a... Read more

    Affected Products : lingdang_crm
    • Published: Nov. 12, 2024
    • Modified: Aug. 27, 2025
Showing 20 of 293517 Results