Latest CVE Feed
-
6.3 MEDIUM
CVE-2024-45872
Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability occurs due to insufficient validation of PSD files....
Affected Products : bandiview
- Published: Oct. 03, 2024
- Modified: Apr. 28, 2025
-
6.3 MEDIUM
CVE-2024-45871
Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control via sub_0x232bd8, resulting in denial of service (DoS)....
Affected Products : bandiview
- Published: Oct. 03, 2024
- Modified: Apr. 28, 2025
-
3.3 LOW
CVE-2024-0125
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a ...
- Published: Oct. 03, 2024
- Modified: Sep. 18, 2025
-
3.3 LOW
CVE-2024-0124
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a lim...
- Published: Oct. 03, 2024
- Modified: Sep. 18, 2025
-
3.3 LOW
CVE-2024-0123
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool, where an attacker may cause an improper input validation issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit...
- Published: Oct. 03, 2024
- Modified: Sep. 18, 2025
-
6.5 MEDIUM
CVE-2024-45870
Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted POC file....
Affected Products : bandiview
- Published: Oct. 03, 2024
- Modified: Apr. 28, 2025
-
8.4 HIGH
CVE-2024-42415
An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer...
Affected Products : libgsf
- Published: Oct. 03, 2024
- Modified: Nov. 21, 2024
-
7.5 HIGH
CVE-2024-41922
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to tri...
Affected Products : anka_build_cloud
- Published: Oct. 03, 2024
- Modified: Dec. 18, 2024
-
7.5 HIGH
CVE-2024-41163
A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this v...
Affected Products : anka_build_cloud
- Published: Oct. 03, 2024
- Modified: Dec. 18, 2024
-
7.8 HIGH
CVE-2024-39755
A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execution of a privileged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerab...
Affected Products : anka_build_cloud
- Published: Oct. 03, 2024
- Modified: Sep. 04, 2025
-
8.4 HIGH
CVE-2024-36474
An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory ...
Affected Products : libgsf
- Published: Oct. 03, 2024
- Modified: Nov. 21, 2024
-
7.5 HIGH
CVE-2024-25590
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service....
Affected Products : recursor
- Published: Oct. 03, 2024
- Modified: Nov. 21, 2024
-
9.8 CRITICAL
CVE-2024-9460
A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to SQL injection. It is possible to launch the att...
Affected Products : online_shopping_portal
- Published: Oct. 03, 2024
- Modified: Oct. 08, 2024
-
6.5 MEDIUM
CVE-2024-9100
Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to path traversal....
Affected Products : manageengine_analytics_plus
- Published: Oct. 03, 2024
- Modified: Oct. 04, 2024
-
7.5 HIGH
CVE-2024-5803
AVGUI.exe in AVG/Avast Antivirus versions before 24.1 can allow a local attacker to escalate privileges via a COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled....
Affected Products :
- Published: Oct. 03, 2024
- Modified: Oct. 04, 2024
-
5.4 MEDIUM
CVE-2024-47618
Sulu is a PHP content management system. Sulu is vulnerable to XSS: a low-privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious JavaScript will be executed...
Affected Products : sulu
- Published: Oct. 03, 2024
- Modified: Oct. 08, 2024
-
6.1 MEDIUM
CVE-2024-47617
Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scrip...
Affected Products : sulu
- Published: Oct. 03, 2024
- Modified: Oct. 08, 2024
-
7.5 HIGH
CVE-2024-47614
async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability i...
Affected Products :
- Published: Oct. 03, 2024
- Modified: Oct. 04, 2024
-
4.3 MEDIUM
CVE-2024-47554
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 ...
- Published: Oct. 03, 2024
- Modified: Jul. 10, 2025
-
8.8 HIGH
CVE-2024-9313
Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them....
Affected Products : authd
- Published: Oct. 03, 2024
- Modified: Aug. 26, 2025