Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2024-42266

    In the Linux kernel, the following vulnerability has been resolved: btrfs: make cow_file_range_inline() honor locked_page on error The btrfs buffered write path runs through __extent_writepage() which has some tricky return value handling for writepage_... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 7.2

    HIGH
    CVE-2023-3416

    The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied... Read more

    Affected Products :
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43305

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code Amp Custom Layouts – Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts – Post + Product grids made easy: fro... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 5.3

    MEDIUM
    CVE-2024-43350

    Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42267

    In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error() Handle VM_FAULT_SIGSEGV in the page fault path so that we correctly kill the process and we don't BUG() the kernel.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42265

    In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42276

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition t... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-43832

    In the Linux kernel, the following vulnerability has been resolved: s390/uv: Don't call folio_wait_writeback() without a folio reference folio_wait_writeback() requires that no spinlocks are held and that a folio reference is held, as documented. After ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42279

    In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subs... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.4

    MEDIUM
    CVE-2024-7703

    The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input ... Read more

    Affected Products : armember
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43349

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.... Read more

    Affected Products : all_bootstrap_blocks
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42273

    In the Linux kernel, the following vulnerability has been resolved: f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid mkdir /mnt/test/comp f2fs_io setflags compression /mnt/test/comp dd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1 truncate... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42274

    In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e ("ALSA: firewire-lib: operate for period elapse event in process context") removed th... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 5.3

    MEDIUM
    CVE-2024-35686

    Missing Authorization vulnerability in Automattic Sensei LMS, Automattic Sensei Pro (WC Paid Courses).This issue affects Sensei LMS: from n/a through 4.23.1; Sensei Pro (WC Paid Courses): from n/a through 4.23.1.1.23.1.... Read more

    Affected Products : sensei_lms
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42321

    In the Linux kernel, the following vulnerability has been resolved: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42260

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43351

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Bravada bravada allows Stored XSS.This issue affects Bravada: from n/a through 1.1.2.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43246

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in creativeon WHMpress allows Reflected XSS.This issue affects WHMpress: from n/a through 6.2-revision-5.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43267

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 8.5

    HIGH
    CVE-2024-43207

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Valiano Unite Gallery Lite.This issue affects Unite Gallery Lite: from n/a through 1.7.62.... Read more

    Affected Products : unite_gallery_lite
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024
Showing 20 of 294858 Results