Latest CVE Feed
- 5.5 MEDIUM CVE-2024-34134
  Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this iss...
  - Published: Aug. 14, 2024
  - Modified: Sep. 16, 2024
- 5.5 MEDIUM CVE-2024-41873
  Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...
  - Published: Sep. 13, 2024
  - Modified: Sep. 16, 2024
- 5.5 MEDIUM CVE-2024-41872
  Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...
  - Published: Sep. 13, 2024
  - Modified: Sep. 16, 2024
- 5.5 MEDIUM CVE-2024-41870
  Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i...
  - Published: Sep. 13, 2024
  - Modified: Sep. 16, 2024
- 7.8 HIGH CVE-2024-39377
  Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...
  - Published: Sep. 13, 2024
  - Modified: Sep. 16, 2024
- 8.4 HIGH CVE-2024-6789
  A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files...
  - Affected Products: m-files_server
  - Published: Aug. 27, 2024
  - Modified: Sep. 16, 2024
- 5.5 MEDIUM CVE-2024-44995
  In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf re...
  - Affected Products: linux_kernel
  - Published: Sep. 04, 2024
  - Modified: Sep. 15, 2024
- 7.8 HIGH CVE-2024-46687
  In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BU...
  - Affected Products: linux_kernel
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 5.5 MEDIUM CVE-2024-46686
  In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold....
  - Affected Products: linux_kernel
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 5.5 MEDIUM CVE-2024-46685
  In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against ...
  - Affected Products: linux_kernel
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 9.8 CRITICAL CVE-2024-8762
  A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatedata.php. The manipulation of the argument sid leads to sql injection. It is possible to initiate the...
  - Affected Products: crud_operation_system
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 8.1 HIGH CVE-2024-8754
  An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provid...
  - Affected Products: gitlab
  - Published: Sep. 12, 2024
  - Modified: Sep. 14, 2024
- 7.2 HIGH CVE-2024-8280
  An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service using a specially crafted file....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 6.7 MEDIUM CVE-2024-4550
  A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 7.2 HIGH CVE-2024-8278
  A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 7.2 HIGH CVE-2024-8281
  An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 6.8 MEDIUM CVE-2024-7756
  A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 6.7 MEDIUM CVE-2024-45105
  An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 8.8 HIGH CVE-2024-43099
  The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this s...
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024
- 7.2 HIGH CVE-2024-8279
  A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads....
  - Affected Products:
  - Published: Sep. 13, 2024
  - Modified: Sep. 14, 2024