Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2024-38256

Windows Kernel-Mode Driver Information Disclosure Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_10_1507 windows +4 more products
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.5

HIGH

CVE-2024-38258

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +1 more products
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.5

HIGH

CVE-2024-38263

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +1 more products
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-38260

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.1

HIGH

CVE-2024-43454

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +1 more products
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
9.8

CRITICAL

CVE-2024-43455

Windows Remote Desktop Licensing Service Spoofing Vulnerability...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows windows_server_2022_23h2 windows_server_23h2 windows_server_2012_r2 windows_server_2008_r2 +1 more products
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.2

HIGH

CVE-2024-43464

Microsoft SharePoint Server Remote Code Execution Vulnerability...

Affected Products : sharepoint_server
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.8

HIGH

CVE-2024-43465

Microsoft Excel Elevation of Privilege Vulnerability...

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
6.5

MEDIUM

CVE-2024-7420

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. This is due to missing or incorrect nonce validation in the /admin/snippets.php file. This makes it possible for unau...

Affected Products : insert_php_code_snippet
Published: Aug. 15, 2024

Modified: Sep. 13, 2024
7.5

HIGH

CVE-2024-43466

Microsoft SharePoint Server Denial of Service Vulnerability...

Affected Products : sharepoint_server
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
7.3

HIGH

CVE-2024-43475

Microsoft Windows Admin Center Information Disclosure Vulnerability...

Affected Products : windows_server_2008 windows_server_2008_sp2
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
6.4

MEDIUM

CVE-2024-7144

The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. This makes it possible for au...

Affected Products : jetelements
Published: Aug. 16, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-7145

The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to incl...

Affected Products : jetelements
Published: Aug. 16, 2024

Modified: Sep. 13, 2024
7.6

HIGH

CVE-2024-43476

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability...

Affected Products : dynamics_365
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
8.5

HIGH

CVE-2024-43479

Microsoft Power Automate Desktop Remote Code Execution Vulnerability...

Affected Products : power_automate_for_desktop power_automate
Published: Sep. 10, 2024

Modified: Sep. 13, 2024
4.3

MEDIUM

CVE-2023-3408

The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' function. This makes it possible for unauthenticated attackers ...

Affected Products : bricks
Published: Aug. 17, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-8639

Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

Affected Products : android chrome edge_chromium
Published: Sep. 11, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-8638

Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)...

Affected Products : chrome edge_chromium
Published: Sep. 11, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-8637

Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

Affected Products : android chrome edge_chromium
Published: Sep. 11, 2024

Modified: Sep. 13, 2024
8.8

HIGH

CVE-2024-8636

Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)...

Affected Products : chrome edge_chromium
Published: Sep. 11, 2024

Modified: Sep. 13, 2024

Showing 20 of 292802 Results

Browse by Apps

Latest CVE Feed

5.5

7.5

7.5

8.8

7.1

9.8

7.2

7.8

6.5

7.5

7.3

6.4

8.8

7.6

8.5

4.3

8.8

8.8

8.8

8.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable