Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-20387

    A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based manageme... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 6.1

    MEDIUM
    CVE-2024-20386

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected ... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 5.8

    MEDIUM
    CVE-2024-20384

    A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (AC... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025

  • 6.1

    MEDIUM
    CVE-2024-20382

    A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga... Read more

    • Published: Oct. 23, 2024
    • Modified: Jun. 06, 2025

  • 6.5

    MEDIUM
    CVE-2024-20379

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to read arbitrary files from the underlying opera... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 5.4

    MEDIUM
    CVE-2024-20377

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is ... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 25, 2025

  • 7.2

    HIGH
    CVE-2024-20374

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute ar... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-20372

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected ... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 6.0

    MEDIUM
    CVE-2024-20370

    A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrativ... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 5.4

    MEDIUM
    CVE-2024-20364

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected de... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 7.2

    HIGH
    CVE-2024-10297

    A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulatio... Read more

    • Published: Oct. 23, 2024
    • Modified: May. 06, 2025

  • 5.9

    MEDIUM
    CVE-2024-50383

    Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC... Read more

    Affected Products : botan
    • Published: Oct. 23, 2024
    • Modified: Jul. 10, 2025

  • 5.9

    MEDIUM
    CVE-2024-50382

    Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.... Read more

    Affected Products : botan
    • Published: Oct. 23, 2024
    • Modified: Jul. 10, 2025

  • 5.3

    MEDIUM
    CVE-2024-49756

    AshPostgres is the PostgreSQL data layer for Ash Framework. Starting in version 2.0.0 and prior to version 2.4.10, in certain very specific situations, it was possible for the policies of an update action to be skipped. This occurred only on "empty" updat... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 8.6

    HIGH
    CVE-2024-20351

    A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be d... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 11, 2025

  • 8.6

    HIGH
    CVE-2024-20342

    Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an ... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 11, 2025

  • 6.1

    MEDIUM
    CVE-2024-20341

    A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20340

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an aff... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 8.6

    HIGH
    CVE-2024-20339

    A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vuln... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 08, 2025

  • 6.8

    MEDIUM
    CVE-2024-20331

    A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to preve... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024
Showing 20 of 294522 Results