Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.2

    MEDIUM
    CVE-2024-44257

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 9.3

    CRITICAL
    CVE-2024-44256

    The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-44240

    The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-44237

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 9.1

    CRITICAL
    CVE-2024-44217

    A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication.... Read more

    Affected Products : iphone_os ipados
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.2

    MEDIUM
    CVE-2024-44216

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.1

    MEDIUM
    CVE-2024-44145

    This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 4.3

    MEDIUM
    CVE-2024-30106

    HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.... Read more

    Affected Products : connections
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 10.0

    CRITICAL
    CVE-2024-50496

    Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through 6.2.... Read more

    Affected Products : ar
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 10.0

    CRITICAL
    CVE-2024-50495

    Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1.... Read more

    Affected Products : plugin_propagator
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-48594

    File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute arbitrary code via the file upload component.... Read more

    • Published: Oct. 28, 2024
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2024-48356

    LyLme Spage <=1.6.0 is vulnerable to SQL Injection via /admin/group.php.... Read more

    Affected Products : lylme_spage
    • Published: Oct. 28, 2024
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2024-48177

    MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do.... Read more

    Affected Products : mrcms
    • Published: Oct. 28, 2024
    • Modified: Apr. 18, 2025

  • 6.5

    MEDIUM
    CVE-2024-48107

    SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadat... Read more

    Affected Products : sparkshop
    • Published: Oct. 28, 2024
    • Modified: Apr. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-44302

    The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Oct. 28, 2024
    • Modified: Dec. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-44301

    The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Dec. 12, 2024

  • 6.5

    MEDIUM
    CVE-2024-44297

    The issue was addressed with improved bounds checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted message ... Read more

    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024

  • 5.4

    MEDIUM
    CVE-2024-44296

    The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Con... Read more

    • Published: Oct. 28, 2024
    • Modified: Nov. 14, 2024

  • 6.5

    MEDIUM
    CVE-2024-44294

    A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker with root privileges may be able to delete protected system files.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024

  • 7.5

    HIGH
    CVE-2024-44289

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024
Showing 20 of 293781 Results