Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2024-43358

    ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.... Read more

    Affected Products : zoneminder
    • Published: Aug. 12, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-42437

    Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-42436

    Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-42435

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-42434

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 8.5

    HIGH
    CVE-2024-39825

    Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-39824

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-39823

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-39822

    Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-44820

    A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo() function, which ... Read more

    Affected Products : zzcms
    • Published: Sep. 04, 2024
    • Modified: Sep. 04, 2024

  • 8.3

    HIGH
    CVE-2024-38868

    Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15... Read more

    Affected Products : manageengine_endpoint_central
    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-7927

    A vulnerability classified as critical was found in ZZCMS 2023. Affected by this vulnerability is an unknown functionality of the file /admin/class.php?dowhat=modifyclass. The manipulation of the argument skin[] leads to path traversal. The attack can be ... Read more

    Affected Products : zzcms
    • Published: Aug. 19, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-7926

    A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/about_edit.php?action=modify. The manipulation of the argument skin leads to path traversal. It is possible to launch the attack remote... Read more

    Affected Products : zzcms
    • Published: Aug. 19, 2024
    • Modified: Sep. 04, 2024

  • 5.5

    MEDIUM
    CVE-2022-48868

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 04, 2024

  • 5.5

    MEDIUM
    CVE-2022-48875

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 04, 2024

  • 8.7

    HIGH
    CVE-2024-39776

    Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.... Read more

    • Published: Aug. 22, 2024
    • Modified: Sep. 04, 2024

  • 8.7

    HIGH
    CVE-2024-42418

    Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information.... Read more

    • Published: Aug. 22, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-8139

    A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file search_list.php. The manipulation of the argument user leads to sql injection. The att... Read more

    Affected Products : e-commerce_website
    • Published: Aug. 25, 2024
    • Modified: Sep. 04, 2024

  • 8.1

    HIGH
    CVE-2024-7745

    In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.... Read more

    Affected Products : ws_ftp_server
    • Published: Aug. 28, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-7744

    In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Travers... Read more

    Affected Products : ws_ftp_server
    • Published: Aug. 28, 2024
    • Modified: Sep. 04, 2024
Showing 20 of 290189 Results