Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    CVSS31
    CVE-2024-21781

    Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 5.3

    CVSS31
    CVE-2023-43753

    Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 7.5

    CVSS31
    CVE-2023-43626

    Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 8.2

    CVSS31
    CVE-2023-42772

    Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 7.5

    CVSS31
    CVE-2023-41833

    A race condition in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 2.5

    CVSS31
    CVE-2023-25546

    Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.1

    CVSS31
    CVE-2023-23904

    NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.1

    CVSS31
    CVE-2023-22351

    Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-8752

    The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-44623

    An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-7104

    Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-7098

    Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-6401

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 2.5

    CVSS31
    CVE-2024-45835

    Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 3.7

    CVSS31
    CVE-2024-39772

    Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.3

    CVSS31
    CVE-2024-38315

    IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-46419

    TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-46937

    An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authen... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-46451

    TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 0.0

    NONE
    CVE-2024-46424

    TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024
Showing 20 of 86 Results