Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2024-43820

    In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43284

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through 3.5.1.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42295

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42300

    In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in z_erofs_get_gbuf() In z_erofs_get_gbuf(), the current task may be migrated to another CPU between `z_erofs_gbuf_id()` and `spin_lock(&gbuf->lock)`. Therefore, z_erof... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42292

    In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS i... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42265

    In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42290

    In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clk_prepare(). However, on certain platforms like i.MX8QM and i.MX8QXP, ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43307

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43303

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in videousermanuals.Com White Label CMS allows Reflected XSS.This issue affects White Label CMS: from n/a through 2.7.4.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43262

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43279

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.8.... Read more

    Affected Products : newsletters
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 5.4

    MEDIUM
    CVE-2024-25582

    Module savepoints could be abused to inject references to malicious code delivered through the same domain. Attackers could perform malicious API requests or extract information from the users account. Exploiting this vulnerability requires temporary acce... Read more

    Affected Products : open-xchange_appsuite ox_app_suite
    • Published: Aug. 19, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42273

    In the Linux kernel, the following vulnerability has been resolved: f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid mkdir /mnt/test/comp f2fs_io setflags compression /mnt/test/comp dd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1 truncate... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.9

    MEDIUM
    CVE-2024-7709

    A vulnerability, which was classified as problematic, has been found in OcoMon 4.0RC1/4.0/5.0RC1. This issue affects some unknown processing of the file /includes/common/require_access_recovery.php of the component URL Handler. The manipulation leads to c... Read more

    Affected Products : ocomon
    • Published: Aug. 13, 2024
    • Modified: Aug. 17, 2024

  • 7.8

    HIGH
    CVE-2024-43373

    webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundle... Read more

    Affected Products : windows webcrack
    • Published: Aug. 15, 2024
    • Modified: Aug. 16, 2024

  • 7.0

    HIGH
    CVE-2022-23817

    Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024

  • 6.8

    MEDIUM
    CVE-2024-38161

    Windows Mobile Broadband Driver Remote Code Execution Vulnerability... Read more

    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024

  • 9.1

    CRITICAL
    CVE-2024-38160

    Windows Network Virtualization Remote Code Execution Vulnerability... Read more

    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024

  • 9.1

    CRITICAL
    CVE-2024-38159

    Windows Network Virtualization Remote Code Execution Vulnerability... Read more

    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024

  • 8.8

    HIGH
    CVE-2024-38154

    Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability... Read more

    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024
Showing 20 of 293355 Results