Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-50076

    In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50075

    In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by an USB2 root hub in a Virt... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Nov. 01, 2024

  • 7.8

    HIGH
    CVE-2024-50074

    In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns t... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Oct. 29, 2024
    • Modified: Nov. 08, 2024

  • 7.8

    HIGH
    CVE-2024-50073

    In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2024-50072

    In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below #GP in 32-bit mode when dosemu software was executing vm86() system call: general protection fault: 00... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Nov. 08, 2024

  • 7.8

    HIGH
    CVE-2024-50071

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Oct. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-50070

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Feb. 21, 2025

  • 5.5

    MEDIUM
    CVE-2024-50069

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Oct. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-50068

    In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_t... Read more

    Affected Products : linux_kernel
    • Published: Oct. 29, 2024
    • Modified: Oct. 30, 2024

  • 9.8

    CRITICAL
    CVE-2024-45656

    IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privi... Read more

    Affected Products : power9_system_firmware
    • Published: Oct. 29, 2024
    • Modified: Oct. 29, 2024

  • 5.1

    MEDIUM
    CVE-2024-10478

    A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /admin#article/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross ... Read more

    Affected Products : pb-cms
    • Published: Oct. 29, 2024
    • Modified: Oct. 29, 2024

  • 5.1

    MEDIUM
    CVE-2024-10477

    A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The ... Read more

    Affected Products : pb-cms
    • Published: Oct. 29, 2024
    • Modified: Oct. 29, 2024

  • 4.8

    MEDIUM
    CVE-2024-51509

    Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki-admin_modules.php) stored XSS payload in the Name.... Read more

    Affected Products : tikiwiki_cms\/groupware tiki
    • Published: Oct. 28, 2024
    • Modified: Jun. 03, 2025

  • 4.8

    MEDIUM
    CVE-2024-51508

    Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index.... Read more

    Affected Products : tikiwiki_cms\/groupware tiki
    • Published: Oct. 28, 2024
    • Modified: Jun. 03, 2025

  • 4.8

    MEDIUM
    CVE-2024-51507

    Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name.... Read more

    Affected Products : tikiwiki_cms\/groupware tiki
    • Published: Oct. 28, 2024
    • Modified: Jun. 03, 2025

  • 4.8

    MEDIUM
    CVE-2024-51506

    Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description.... Read more

    Affected Products : tikiwiki_cms\/groupware tiki
    • Published: Oct. 28, 2024
    • Modified: Jun. 03, 2025

  • 7.7

    HIGH
    CVE-2024-44295

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-44283

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.7

    MEDIUM
    CVE-2024-44260

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.2

    MEDIUM
    CVE-2024-44257

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024
Showing 20 of 293680 Results