Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-38879

    A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public net... Read more

    Affected Products : omnivise_t3000_application_server
    • Published: Aug. 02, 2024
    • Modified: Sep. 20, 2024

  • 9.1

    CRITICAL
    CVE-2024-8875

    A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p leads to path traversal. The attack can be launched rem... Read more

    Affected Products : wcms
    • Published: Sep. 15, 2024
    • Modified: Sep. 20, 2024

  • 9.3

    CRITICAL
    CVE-2024-8752

    The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.... Read more

    Affected Products : windows webiq
    • Published: Sep. 16, 2024
    • Modified: Sep. 20, 2024

  • 9.8

    CRITICAL
    CVE-2024-45595

    D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is t... Read more

    Affected Products : d-tale
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 8.2

    HIGH
    CVE-2024-45592

    auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because `%source_label%` in ... Read more

    Affected Products : auditor-bundle
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 5.3

    MEDIUM
    CVE-2024-45591

    XWiki Platform is a generic wiki platform. The REST API exposes the history of any page in XWiki of which the attacker knows the name. The exposed information includes for each modification of the page the time of the modification, the version number, the... Read more

    Affected Products : xwiki
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 6.5

    MEDIUM
    CVE-2024-31490

    An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.2 through 3.2.4 and 3.1.5 allows attacker to information disclosure via HTTP get req... Read more

    Affected Products : fortisandbox
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 7.3

    HIGH
    CVE-2024-33508

    An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary opera... Read more

    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 4.6

    MEDIUM
    CVE-2024-35282

    A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical a... Read more

    Affected Products : forticlient forticlientios
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 3.7

    LOW
    CVE-2024-36511

    An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when c... Read more

    Affected Products : fortiadc
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 7.1

    HIGH
    CVE-2024-42423

    Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass e... Read more

    Affected Products : workspace thinos
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 8.1

    HIGH
    CVE-2024-31489

    AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and ... Read more

    Affected Products : forticlient forticlientems
    • Published: Sep. 10, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-23915

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack. This issue affects libflu... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-23916

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack. This issue affects libfluid: 0.1.0.... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31164

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13. This issue affects libfluid: 0.1.... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31165

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::SetFieldAction::unpack. This issue affects libflui... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31166

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0.... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31167

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack13. This issue affects libfluid... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31168

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack. This issue affects libfluid: 0.1.0.... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 7.5

    HIGH
    CVE-2024-31169

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.... Read more

    Affected Products : libfluid_msg
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024
Showing 20 of 291128 Results