Latest CVE Feed
-
8.8
HIGHCVE-2024-9602
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)... Read more
- Published: Oct. 08, 2024
- Modified: Jan. 02, 2025
-
8.4
HIGHCVE-2024-9412
An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could occur in the case of unexpected or accidental removal by... Read more
Affected Products :- Published: Oct. 08, 2024
- Modified: Oct. 10, 2024
-
4.9
MEDIUMCVE-2024-36814
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory.... Read more
Affected Products :- Published: Oct. 08, 2024
- Modified: Oct. 10, 2024
-
2.5
LOWCVE-2024-27457
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.... Read more
Affected Products : tdx_module_software- Published: Oct. 08, 2024
- Modified: Oct. 10, 2024
-
9.8
CRITICALCVE-2024-47823
Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire prior to `2.12.7` and `v3.5.2`, the file extension of an uploaded file is guessed based on the MIME type. As a result, the actua... Read more
Affected Products : livewire- Published: Oct. 08, 2024
- Modified: Oct. 10, 2024
-
4.2
MEDIUMCVE-2024-47822
Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. The access token in `req.query` is not redacted when the ... Read more
Affected Products : directus- Published: Oct. 08, 2024
- Modified: Apr. 14, 2025
-
4.3
MEDIUMCVE-2024-47780
TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowe... Read more
Affected Products : typo3- Published: Oct. 08, 2024
- Modified: Sep. 03, 2025
-
8.2
HIGHCVE-2024-47773
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been ... Read more
Affected Products : discourse- Published: Oct. 08, 2024
- Modified: Aug. 26, 2025
-
8.2
HIGHCVE-2024-46539
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS).... Read more
Affected Products :- Published: Oct. 08, 2024
- Modified: Oct. 10, 2024
-
4.8
MEDIUMCVE-2024-46410
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature... Read more
Affected Products : publiccms- Published: Oct. 08, 2024
- Modified: Apr. 23, 2025
-
7.8
HIGHCVE-2024-43616
Microsoft Office Remote Code Execution Vulnerability... Read more
Affected Products : office 365_apps office_long_term_servicing_channel office_2024 office_2021 office_2019- Published: Oct. 08, 2024
- Modified: Oct. 21, 2024
-
7.1
HIGHCVE-2024-43615
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows windows_11_23h2 windows_server_2022_23h2 +2 more products- Published: Oct. 08, 2024
- Modified: Oct. 21, 2024
-
5.5
MEDIUMCVE-2024-43614
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.... Read more
Affected Products : defender_for_endpoint- Published: Oct. 08, 2024
- Modified: Jul. 08, 2025
-
6.9
MEDIUMCVE-2024-43612
Power BI Report Server Spoofing Vulnerability... Read more
Affected Products : power_bi_report_server- Published: Oct. 08, 2024
- Modified: Oct. 21, 2024
-
8.8
HIGHCVE-2024-43611
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability... Read more
- Published: Oct. 08, 2024
- Modified: Oct. 22, 2024
-
6.5
MEDIUMCVE-2024-43609
Microsoft Office Spoofing Vulnerability... Read more
Affected Products : office 365_apps office_long_term_servicing_channel office_2016 office_2024 office_2021 office_2019- Published: Oct. 08, 2024
- Modified: Oct. 17, 2024
-
8.8
HIGHCVE-2024-43608
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability... Read more
- Published: Oct. 08, 2024
- Modified: Oct. 22, 2024
-
8.8
HIGHCVE-2024-43607
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability... Read more
- Published: Oct. 08, 2024
- Modified: Oct. 22, 2024
-
8.0
HIGHCVE-2024-43604
Outlook for Android Elevation of Privilege Vulnerability... Read more
Affected Products : outlook- Published: Oct. 08, 2024
- Modified: Oct. 17, 2024
-
5.5
MEDIUM- Published: Oct. 08, 2024
- Modified: Oct. 17, 2024