Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.3

    MEDIUM
    CVE-2024-45297

    Discourse is an open source platform for community discussion. Users can see topics with a hidden tag if they know the label/name of that tag. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users are...

    Affected Products : discourse
    • Published: Oct. 07, 2024
    • Modified: Oct. 19, 2024
  • 8.8

    HIGH
    CVE-2024-45291

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedIm...

    Affected Products : phpexcel phpspreadsheet
    • Published: Oct. 07, 2024
    • Modified: Oct. 16, 2024
  • 7.7

    HIGH
    CVE-2024-45290

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by r...

    Affected Products : phpexcel phpspreadsheet
    • Published: Oct. 07, 2024
    • Modified: Oct. 16, 2024
  • 7.1

    HIGH
    CVE-2024-45060

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting (XSS) vulnerability due to improper handling of input where a number is expected leading t...

    Affected Products : phpexcel phpspreadsheet
    • Published: Oct. 07, 2024
    • Modified: Oct. 17, 2024
  • 8.2

    HIGH
    CVE-2024-45051

    Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the l...

    Affected Products : discourse
    • Published: Oct. 07, 2024
    • Modified: Oct. 19, 2024
  • 7.5

    HIGH
    CVE-2024-43789

    Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in t...

    Affected Products : discourse
    • Published: Oct. 07, 2024
    • Modified: Oct. 19, 2024
  • 8.2

    HIGH
    CVE-2024-43365

    Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewsection parameter is stored in the database and reflected ...

    Affected Products : cacti
    • Published: Oct. 07, 2024
    • Modified: Oct. 16, 2024
  • 8.2

    HIGH
    CVE-2024-43364

    Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php. Moreover, the said title parameter is stored in the database and reflected back to user in index.p...

    Affected Products : cacti
    • Published: Oct. 07, 2024
    • Modified: Oct. 17, 2024
  • 7.2

    HIGH
    CVE-2024-43363

    Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing PHP code and repeat the installation process (completing only step 5 of the installation process is enough, no need ...

    Affected Products : cacti
    • Published: Oct. 07, 2024
    • Modified: Oct. 17, 2024
  • 7.3

    HIGH
    CVE-2024-43362

    Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php`. Moreover, the said fileurl is placed in some HTML code which is passed to the `print` function...

    Affected Products : cacti
    • Published: Oct. 07, 2024
    • Modified: Oct. 17, 2024
  • 6.7

    MEDIUM
    CVE-2024-47976

    Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Mar. 13, 2025
  • 4.0

    MEDIUM
    CVE-2024-47972

    Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Nov. 06, 2024
  • 6.5

    MEDIUM
    CVE-2024-47971

    Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service.

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Feb. 10, 2025
  • 6.4

    MEDIUM
    CVE-2024-47079

    Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not h...

    • Published: Oct. 07, 2024
    • Modified: Oct. 10, 2024
  • 7.5

    HIGH
    CVE-2024-45293

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white-spaces. On servers that...

    Affected Products : phpexcel phpspreadsheet
    • Published: Oct. 07, 2024
    • Modified: Mar. 07, 2025
  • 5.4

    MEDIUM
    CVE-2024-45292

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\PhpOffice\PhpSpreadsheet\Writer\Html` does not sanitize "javascript:" URLs from hyperlink `href` attributes, resulting in a Cross-Site Scripting vulnerability. This issue ha...

    Affected Products : phpexcel phpspreadsheet
    • Published: Oct. 07, 2024
    • Modified: Mar. 07, 2025
  • 8.8

    HIGH
    CVE-2024-31449

    Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists ...

    Affected Products : redis
    • Published: Oct. 07, 2024
    • Modified: Sep. 04, 2025
  • 6.5

    MEDIUM
    CVE-2024-31228

    Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COM...

    Affected Products : redis
    • Published: Oct. 07, 2024
    • Modified: Sep. 04, 2025
  • 4.4

    MEDIUM
    CVE-2024-31227

    Redis is an open source, in-memory database that persists on disk. An authenticated user with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis ...

    Affected Products : redis
    • Published: Oct. 07, 2024
    • Modified: Aug. 26, 2025
  • 7.0

    HIGH
    CVE-2024-47975

    Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enable denial of service.

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Aug. 27, 2025