Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2024-41613

    A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note.... Read more

    Affected Products : symphony_cms
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 5.3

    MEDIUM
    CVE-2024-41941

    A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without... Read more

    Affected Products : sinec_nms
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 9.4

    CRITICAL
    CVE-2024-41940

    A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privilege... Read more

    Affected Products : sinec_nms
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 8.8

    HIGH
    CVE-2024-41939

    A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the applicatio... Read more

    Affected Products : sinec_nms
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-41938

    A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary cert... Read more

    Affected Products : sinec_nms
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 5.4

    MEDIUM
    CVE-2024-41907

    A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to c... Read more

    Affected Products : sinec_traffic_analyzer
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 6.5

    MEDIUM
    CVE-2024-41906

    A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data s... Read more

    Affected Products : sinec_traffic_analyzer
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 7.6

    HIGH
    CVE-2024-41905

    A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get a... Read more

    Affected Products : sinec_traffic_analyzer
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024

  • 5.9

    MEDIUM
    CVE-2023-35123

    Uncaught exception in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-25939

    Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 4.6

    MEDIUM
    CVE-2023-48361

    Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.8

    MEDIUM
    CVE-2024-22374

    Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.9

    MEDIUM
    CVE-2024-24980

    Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-28953

    Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2024-21769

    Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.8

    HIGH
    CVE-2023-42667

    Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 8.1

    HIGH
    CVE-2023-49144

    Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 6.7

    MEDIUM
    CVE-2023-34424

    Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 5.7

    MEDIUM
    CVE-2023-40067

    Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 7.1

    HIGH
    CVE-2024-21787

    Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
Showing 20 of 294799 Results