Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-48709

    CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php... Read more

    Affected Products : membership_management_system
    • Published: Oct. 21, 2024
    • Modified: Mar. 31, 2025

  • 8.7

    HIGH
    CVE-2024-47825

    Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than `/32` may be ignored if there is a policy ... Read more

    Affected Products : cilium
    • Published: Oct. 21, 2024
    • Modified: Dec. 19, 2024

  • 5.9

    MEDIUM
    CVE-2024-46239

    Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php.... Read more

    Affected Products : hospital_management_system
    • Published: Oct. 21, 2024
    • Modified: Mar. 31, 2025

  • 5.9

    MEDIUM
    CVE-2024-46238

    Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php... Read more

    Affected Products : hospital_management_system
    • Published: Oct. 21, 2024
    • Modified: Mar. 31, 2025

  • 5.4

    MEDIUM
    CVE-2024-46236

    CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and edit_member.php.... Read more

    Affected Products : membership_management_system
    • Published: Oct. 21, 2024
    • Modified: Mar. 31, 2025

  • 5.5

    MEDIUM
    CVE-2024-50002

    In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. static_call_a... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-50001

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapp... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-50000

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2024-49999

    In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the server record that we used after doing the fileserver it... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 29, 2024

  • 4.7

    MEDIUM
    CVE-2024-49998

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce th... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Jan. 09, 2025

  • 7.5

    HIGH
    CVE-2024-49997

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This p... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 7.8

    HIGH
    CVE-2024-49996

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeTyp... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-49994

    In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure e... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Feb. 02, 2025

  • 7.8

    HIGH
    CVE-2024-49992

    In the Linux kernel, the following vulnerability has been resolved: drm/stm: Avoid use-after-free issues with crtc and plane ltdc_load() calls functions drm_crtc_init_with_planes(), drm_universal_plane_init() and drm_encoder_init(). These functions shou... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 7.8

    HIGH
    CVE-2024-49991

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 17, 2024

  • 5.5

    MEDIUM
    CVE-2024-49990

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Check GSC structure validity Sometimes xe_gsc is not initialized when checked at HDCP capability check. Add gsc structure check to avoid null pointer error.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 28, 2024

  • 7.8

    HIGH
    CVE-2024-49989

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be f... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-49988

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbd_conn struct When sending an oplock break request, opinfo->conn is used, But freed ->conn can be used on multichannel. This patch add a reference count to the ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 28, 2024

  • 5.5

    MEDIUM
    CVE-2024-49987

    In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan rep... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 28, 2024

  • 7.8

    HIGH
    CVE-2024-49986

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors x86_android_tablet_remove() frees the pdevs[] array, so it should not be used after calling x8... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 17, 2024
Showing 20 of 294740 Results