Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.0

    MEDIUM
    CVE-2024-20370

    A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrativ... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 5.4

    MEDIUM
    CVE-2024-20364

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected de... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 7.2

    HIGH
    CVE-2024-10297

    A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php of the component Managecard Edit Image Page. The manipulatio... Read more

    • Published: Oct. 23, 2024
    • Modified: May. 06, 2025

  • 5.9

    MEDIUM
    CVE-2024-50383

    Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC... Read more

    Affected Products : botan
    • Published: Oct. 23, 2024
    • Modified: Jul. 10, 2025

  • 5.9

    MEDIUM
    CVE-2024-50382

    Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.... Read more

    Affected Products : botan
    • Published: Oct. 23, 2024
    • Modified: Jul. 10, 2025

  • 5.3

    MEDIUM
    CVE-2024-49756

    AshPostgres is the PostgreSQL data layer for Ash Framework. Starting in version 2.0.0 and prior to version 2.4.10, in certain very specific situations, it was possible for the policies of an update action to be skipped. This occurred only on "empty" updat... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 8.6

    HIGH
    CVE-2024-20351

    A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be d... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 11, 2025

  • 8.6

    HIGH
    CVE-2024-20342

    Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an ... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 11, 2025

  • 6.1

    MEDIUM
    CVE-2024-20341

    A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20340

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an aff... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 8.6

    HIGH
    CVE-2024-20339

    A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vuln... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 08, 2025

  • 6.8

    MEDIUM
    CVE-2024-20331

    A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to preve... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 8.6

    HIGH
    CVE-2024-20330

    A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cau... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 06, 2025

  • 9.9

    CRITICAL
    CVE-2024-20329

    A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An ... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025

  • 5.4

    MEDIUM
    CVE-2024-20300

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. T... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 5.8

    MEDIUM
    CVE-2024-20299

    A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow tr... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025

  • 5.4

    MEDIUM
    CVE-2024-20298

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. T... Read more

    • Published: Oct. 23, 2024
    • Modified: Oct. 31, 2024

  • 5.8

    MEDIUM
    CVE-2024-20297

    A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow tr... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025

  • 6.1

    MEDIUM
    CVE-2024-20275

    A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 05, 2025

  • 5.5

    MEDIUM
    CVE-2024-20274

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-ge... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 05, 2025
Showing 20 of 294714 Results