Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, whether it appears on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 8.8

    HIGH
    CVE-2024-8252

    The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributo...

    Affected Products : clean_login
    • Published: Aug. 30, 2024
    • Modified: Sep. 03, 2024
  • 6.1

    MEDIUM
    CVE-2024-8274

    The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient input sanitization and output escaping. This makes it po...

    • Published: Aug. 30, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2022-48944

    In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") fixed a fork race vs cgroup, it opened up a race v...

    Affected Products : linux_kernel
    • Published: Aug. 30, 2024
    • Modified: Sep. 03, 2024
  • 9.8

    CRITICAL
    CVE-2024-8331

    A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to in...

    Affected Products : rapidcms
    • Published: Aug. 30, 2024
    • Modified: Sep. 03, 2024
  • 9.8

    CRITICAL
    CVE-2024-8332

    A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. The attack can b...

    Affected Products : sweet-cms
    • Published: Aug. 30, 2024
    • Modified: Sep. 03, 2024
  • 5.3

    MEDIUM
    CVE-2024-8370

    A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument force_serve_as with the inp...

    Affected Products :
    • Published: Sep. 01, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2024-43861

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive....

    Affected Products : linux_kernel
    • Published: Aug. 20, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2024-43862

    In the Linux kernel, the following vulnerability has been resolved: net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex The carrier_lock spinlock protects the carrier detection. While it is held, framer_get_status() is called which in turn ...

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2024-43871

    In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), f...

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2024-43872

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lock...

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 03, 2024
  • 7.8

    HIGH
    CVE-2024-43873

    In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never s...

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 03, 2024
  • 5.5

    MEDIUM
    CVE-2024-43874

    In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if th...

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 03, 2024
  • 7.5

    HIGH
    CVE-2024-5148

    A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a ...

    Affected Products :
    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 7.5

    HIGH
    CVE-2024-23364

    Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA)....

    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 6.8

    MEDIUM
    CVE-2024-33016

    Memory corruption when an invalid firehose patch command is invoked....

    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 5.1

    MEDIUM
    CVE-2024-8367

    A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to c1afe0cdb2b2766d9e24872c4e827f8b82a6cd31. It has been classified as problematic. Affected is an unknown function of the file src/main/java/uk/gov/hmcts/probate/service/No...

    Affected Products :
    • Published: Sep. 01, 2024
    • Modified: Sep. 03, 2024
  • 8.4

    HIGH
    CVE-2024-33035

    Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients....

    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 8.4

    HIGH
    CVE-2024-23365

    Memory corruption while releasing shared resources in MinkSocket listener thread....

    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 7.5

    HIGH
    CVE-2024-23358

    Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem....

    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
  • 6.5

    MEDIUM
    CVE-2024-45308

    HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be acces...

    Affected Products : hedgedoc
    • Published: Sep. 02, 2024
    • Modified: Sep. 03, 2024
Showing 20 of 292095 Results