Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-47665

    In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment * defined value > 256 during driver initialization is not reason to BUG_ON... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-47664

    In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effective_speed(... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-47663

    In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_write_frequency() clk_get_rate() can return 0. In such case ad9834_calc_freqreg() call will lead to divisio... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-47662

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection [Why] These registers should not be read from driver and triggering the security violation when DMCUB work times ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-47661

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32_t to uint8_t [WHAT & HOW] dmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned 0xFFFF. Fix it by changing it to uint8_t with... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 15, 2024

  • 7.8

    HIGH
    CVE-2024-47425

    Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac... Read more

    Affected Products : windows framemaker
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-47424

    Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in ... Read more

    Affected Products : windows framemaker
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-47423

    Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file... Read more

    Affected Products : windows framemaker
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-47422

    Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories... Read more

    Affected Products : windows framemaker
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-47421

    Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability... Read more

    Affected Products : windows framemaker
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-45137

    InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file w... Read more

    Affected Products : macos windows indesign
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 7.8

    HIGH
    CVE-2024-45136

    InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious f... Read more

    Affected Products : macos windows incopy
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024

  • 8.8

    HIGH
    CVE-2024-9286

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Input Validation vulnerability in TRtek Software Distant Education Platform allows SQL Injection, Parameter Injection.This issue affects Distant Education Platf... Read more

    Affected Products :
    • Published: Oct. 09, 2024
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2024-47660

    In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a signif... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 8.8

    HIGH
    CVE-2024-47659

    In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always ge... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-47658

    In the Linux kernel, the following vulnerability has been resolved: crypto: stm32/cryp - call finalize with bh disabled The finalize operation in interrupt mode produce a produces a spinlock recursion warning. The reason is the fact that BH must be disa... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 7.8

    HIGH
    CVE-2024-46871

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller number to crea... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Dec. 14, 2024

  • 4.7

    MEDIUM
    CVE-2024-46870

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 [Why] DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnosti... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2024
    • Modified: Oct. 23, 2024

  • 5.4

    MEDIUM
    CVE-2024-46237

    PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.... Read more

    Affected Products : hospital_management_system
    • Published: Oct. 09, 2024
    • Modified: Oct. 22, 2024

  • 7.8

    HIGH
    CVE-2024-45152

    Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Oct. 09, 2024
    • Modified: Oct. 18, 2024
Showing 20 of 294858 Results