Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-50149

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't free job in TDR Freeing job in TDR is not safe as TDR can pass the run_job thread resulting in UAF. It is only safe for free job to naturally be called by the scheduler. R... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2024-50148

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Co... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-50147

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-50146

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unlo... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-50145

    In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx() to... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-50144

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fenc... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 18, 2024

  • 7.8

    HIGH
    CVE-2024-50143

    In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-50142

    In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a ("xfrm: Validate address prefix lengths in the x... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2024-50141

    In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue ari... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2024-50140

    In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416]... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2024-50139

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_r... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 22, 2024

  • 7.0

    HIGH
    CVE-2024-10203

    Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.... Read more

    Affected Products : manageengine_endpoint_central
    • Published: Nov. 07, 2024
    • Modified: Nov. 08, 2024

  • 7.5

    HIGH
    CVE-2023-1973

    A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.... Read more

    Affected Products : undertow
    • Published: Nov. 07, 2024
    • Modified: Nov. 08, 2024

  • 6.1

    MEDIUM
    CVE-2023-1932

    A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid h... Read more

    • Published: Nov. 07, 2024
    • Modified: Jun. 24, 2025

  • 3.8

    LOW
    CVE-2024-30142

    HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-30141

    HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticement information or expose information about its environment, users, or associated data.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 5.4

    MEDIUM
    CVE-2024-30140

    HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.... Read more

    Affected Products : bigfix_compliance
    • Published: Nov. 07, 2024
    • Modified: Jun. 17, 2025

  • 8.6

    HIGH
    CVE-2024-38286

    Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL at the... Read more

    Affected Products : tomcat ontap_tools
    • Published: Nov. 07, 2024
    • Modified: Aug. 08, 2025

  • 4.8

    MEDIUM
    CVE-2024-10027

    The WP Booking Calendar WordPress plugin before 10.6.3 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability ... Read more

    Affected Products : wp_booking_calendar
    • Published: Nov. 07, 2024
    • Modified: May. 15, 2025

  • 7.2

    HIGH
    CVE-2024-10947

    A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This vulnerability affects unknown code of the file /interlib/order/BatchOrder?cmdACT=a... Read more

    Affected Products : interlib
    • Published: Nov. 07, 2024
    • Modified: Dec. 11, 2024
Showing 20 of 293620 Results