Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.7

    HIGH
    CVE-2023-43626

    Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : atom_c5325_firmware
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 8.7

    HIGH
    CVE-2023-41833

    A race condition in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.9

    MEDIUM
    CVE-2023-23904

    NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 8.3

    HIGH
    CVE-2024-23599

    Race condition in Seamless Firmware Updates for some Intel(R) reference platforms may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 2.5

    LOW
    CVE-2023-25546

    Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.8

    MEDIUM
    CVE-2023-43753

    Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 7.2

    HIGH
    CVE-2024-21781

    Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 7.5

    HIGH
    CVE-2024-21871

    Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : xeon_d-2799_firmware
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.9

    MEDIUM
    CVE-2023-22351

    Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 6.8

    MEDIUM
    CVE-2024-23984

    Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 8.7

    HIGH
    CVE-2024-21829

    Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 5.6

    MEDIUM
    CVE-2024-24968

    Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.... Read more

    Affected Products :
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 8.7

    HIGH
    CVE-2023-42772

    Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : xeon_d-2799_firmware
    • Published: Sep. 16, 2024
    • Modified: Sep. 16, 2024

  • 7.5

    HIGH
    CVE-2024-45854

    Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when a ‘describe’ query is run on it.... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024

  • 7.5

    HIGH
    CVE-2024-45853

    Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when used for a prediction.... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024

  • 8.8

    HIGH
    CVE-2024-45852

    Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded model to run arbitrary code on the server when interacted with.... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024

  • 5.5

    MEDIUM
    CVE-2024-34127

    InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of... Read more

    Affected Products : macos windows indesign
    • Published: Aug. 14, 2024
    • Modified: Sep. 16, 2024

  • 8.8

    HIGH
    CVE-2024-45851

    An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024

  • 8.8

    HIGH
    CVE-2024-45850

    An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024

  • 8.8

    HIGH
    CVE-2024-45849

    An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be... Read more

    Affected Products : mindsdb
    • Published: Sep. 12, 2024
    • Modified: Sep. 16, 2024
Showing 20 of 292795 Results