Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-8106

    The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8 via the download_user_ajax function. This makes it possible for authenticated attackers, with... Read more

    Affected Products : wp_extended
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 7.1

    HIGH
    CVE-2024-45050

    Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conve... Read more

    Affected Products :
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 9.8

    CRITICAL
    CVE-2024-44808

    An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter.... Read more

    Affected Products :
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 0.0

    NA
    CVE-2024-44948

    In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 0.0

    NA
    CVE-2024-45007

    In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be called from within a work item for destroying its own work... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 0.0

    NA
    CVE-2024-45008

    In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows p... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 05, 2024

  • 6.1

    MEDIUM
    CVE-2024-43359

    ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.3... Read more

    Affected Products : zoneminder
    • Published: Aug. 12, 2024
    • Modified: Sep. 04, 2024

  • 9.8

    CRITICAL
    CVE-2024-43360

    ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61.... Read more

    Affected Products : zoneminder
    • Published: Aug. 12, 2024
    • Modified: Sep. 04, 2024

  • 6.1

    MEDIUM
    CVE-2024-43358

    ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.... Read more

    Affected Products : zoneminder
    • Published: Aug. 12, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-42437

    Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-42436

    Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-42435

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-42434

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 8.5

    HIGH
    CVE-2024-39825

    Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-39824

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 4.9

    MEDIUM
    CVE-2024-39823

    Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 6.5

    MEDIUM
    CVE-2024-39822

    Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-44820

    A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo() function, which ... Read more

    Affected Products : zzcms
    • Published: Sep. 04, 2024
    • Modified: Sep. 04, 2024

  • 8.3

    HIGH
    CVE-2024-38868

    Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15... Read more

    Affected Products : manageengine_endpoint_central
    • Published: Aug. 30, 2024
    • Modified: Sep. 04, 2024

  • 7.5

    HIGH
    CVE-2024-7927

    A vulnerability classified as critical was found in ZZCMS 2023. Affected by this vulnerability is an unknown functionality of the file /admin/class.php?dowhat=modifyclass. The manipulation of the argument skin[] leads to path traversal. The attack can be ... Read more

    Affected Products : zzcms
    • Published: Aug. 19, 2024
    • Modified: Sep. 04, 2024
Showing 20 of 291963 Results