Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.9

    MEDIUM
    CVE-2024-4658

    SQL Injection: Hibernate vulnerability in TE Informatics Nova CMS allows SQL Injection.This issue affects Nova CMS: before 5.0.... Read more

    Affected Products :
    • Published: Oct. 10, 2024
    • Modified: Oct. 15, 2024

  • 9.0

    HIGH
    CVE-2024-9786

    A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the argument curTime leads to buffer overflow. The attack m... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 9.0

    HIGH
    CVE-2024-9785

    A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argument curTime leads to buffer overflow. The attack can be l... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 5.1

    MEDIUM
    CVE-2024-6157

    An attacker who successfully exploited these vulnerabilities could cause the robot to stop. A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below.  This vulnerability arises under specific condition when speciall... Read more

    Affected Products :
    • Published: Oct. 10, 2024
    • Modified: Oct. 15, 2024

  • 7.5

    HIGH
    CVE-2024-35202

    Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called t... Read more

    Affected Products : bitcoin_core bitcoin
    • Published: Oct. 10, 2024
    • Modified: May. 22, 2025

  • 9.0

    HIGH
    CVE-2024-9784

    A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to laun... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 9.0

    HIGH
    CVE-2024-9783

    A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. The attack may be ... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 9.0

    HIGH
    CVE-2024-9782

    A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overf... Read more

    Affected Products : dir-619l_firmware dir-619l
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 7.3

    HIGH
    CVE-2024-6530

    A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 17.1 prior 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2. When adding a authorizing an application, it can be made to rend... Read more

    Affected Products : gitlab
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 9.8

    CRITICAL
    CVE-2024-9201

    The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘id_order’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint.... Read more

    Affected Products : seur
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 5.4

    MEDIUM
    CVE-2024-48902

    In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API... Read more

    Affected Products : youtrack
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 6.5

    MEDIUM
    CVE-2024-9623

    An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository.... Read more

    Affected Products : gitlab
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 5.3

    MEDIUM
    CVE-2024-9596

    An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. It was possible for an unauthenticated attacker to determine the GitLab version number for a Git... Read more

    Affected Products : gitlab
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 8.2

    HIGH
    CVE-2024-8977

    An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. Instances with Product Analytics Dashboard configured and enabled could be vulnerable to SSRF a... Read more

    Affected Products : gitlab
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 2.7

    LOW
    CVE-2024-45149

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass sec... Read more

    Affected Products : magento commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Dec. 12, 2024

  • 8.8

    HIGH
    CVE-2024-45148

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to gain unauth... Read more

    Affected Products : commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Oct. 16, 2024

  • 2.7

    LOW
    CVE-2024-45135

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security mea... Read more

    Affected Products : magento commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Oct. 11, 2024

  • 2.7

    LOW
    CVE-2024-45134

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on c... Read more

    Affected Products : magento commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Oct. 11, 2024

  • 2.7

    LOW
    CVE-2024-45133

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on c... Read more

    Affected Products : magento commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Oct. 11, 2024

  • 6.5

    MEDIUM
    CVE-2024-45132

    Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security m... Read more

    Affected Products : magento commerce magento commerce_b2b
    • Published: Oct. 10, 2024
    • Modified: Oct. 14, 2024
Showing 20 of 294846 Results