Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2024-44731

    Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code via sending crafted payloads in messages to other users over RTC connections.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Nov. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-44415

    A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow.... Read more

    Affected Products : di-8200_firmware
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 8.8

    HIGH
    CVE-2024-44414

    A vulnerability was discovered in FBM_292W-21.03.10V, which has been classified as critical. This issue affects the sub_4901E0 function in the msp_info.htm file. Manipulation of the path parameter can lead to command injection.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 8.8

    HIGH
    CVE-2024-44413

    A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.... Read more

    Affected Products : di-8200_firmware
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.7

    HIGH
    CVE-2024-42018

    An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes, some configuration parameters are retrieved from management nodes. These parameters embed credentials whose integrity and confidentiality may be important to t... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Nov. 06, 2024

  • 7.8

    HIGH
    CVE-2024-9046

    A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges.... Read more

    Affected Products : starstudio
    • Published: Oct. 11, 2024
    • Modified: Oct. 17, 2024

  • 7.5

    HIGH
    CVE-2024-8376

    In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.... Read more

    Affected Products : mosquitto
    • Published: Oct. 11, 2024
    • Modified: Nov. 15, 2024

  • 4.4

    MEDIUM
    CVE-2024-6985

    A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The ... Read more

    Affected Products : lollms
    • Published: Oct. 11, 2024
    • Modified: Nov. 15, 2024

  • 5.5

    MEDIUM
    CVE-2024-5474

    A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation o... Read more

    Affected Products : dolby_vision_provisioning
    • Published: Oct. 11, 2024
    • Modified: Nov. 15, 2024

  • 7.8

    HIGH
    CVE-2024-4132

    A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.... Read more

    Affected Products : lock_screen
    • Published: Oct. 11, 2024
    • Modified: Oct. 17, 2024

  • 7.8

    HIGH
    CVE-2024-4131

    A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges.... Read more

    Affected Products : emulator
    • Published: Oct. 11, 2024
    • Modified: Oct. 17, 2024

  • 7.8

    HIGH
    CVE-2024-4130

    A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges.... Read more

    Affected Products : app_store_app app_store
    • Published: Oct. 11, 2024
    • Modified: Oct. 17, 2024

  • 7.8

    HIGH
    CVE-2024-4089

    A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges.... Read more

    Affected Products : superfile
    • Published: Oct. 11, 2024
    • Modified: Oct. 17, 2024

  • 8.8

    HIGH
    CVE-2024-48827

    An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and escalate privileges via the Change Password function.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 8.8

    HIGH
    CVE-2024-48813

    SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 allows a remote attacker to execute arbitrary code via the admin_id parameter of the /update-employee.php component.... Read more

    Affected Products :
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.1

    HIGH
    CVE-2024-47509

    An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS... Read more

    Affected Products : junos_os_evolved
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.1

    HIGH
    CVE-2024-47508

    An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS... Read more

    Affected Products : junos_os_evolved
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 6.9

    MEDIUM
    CVE-2024-47507

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream d... Read more

    Affected Products : junos junos_os_evolved
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 8.2

    HIGH
    CVE-2024-47506

    A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspe... Read more

    Affected Products : junos
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024

  • 7.1

    HIGH
    CVE-2024-47505

    An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS... Read more

    Affected Products : junos_os_evolved
    • Published: Oct. 11, 2024
    • Modified: Oct. 15, 2024
Showing 20 of 294848 Results