Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-29237

    Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then impo... Read more

    Affected Products : opencast
    • Published: May. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-42202

    An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-31287

    An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.... Read more

    Affected Products : bento4
    • Published: Jun. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-0777

    A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-38342499.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-31752

    Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.... Read more

    Affected Products : emui magic_ui
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20205

    In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not neede... Read more

    Affected Products : android
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-31755

    The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-31307

    Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c.... Read more

    Affected Products : njs
    • Published: Jun. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-20082

    A vulnerability, which was classified as problematic, has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. This issue affects some unknown processing. The manipulation leads to backdoor. The attack needs to be approached locally. The exploit ... Read more

    • Published: Jun. 22, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2015-8486

    Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152.... Read more

    Affected Products : office
    • Published: Feb. 17, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-23717

    PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.... Read more

    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-4138

    IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.... Read more

    Affected Products : security_siteprotector_system
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34464

    A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.... Read more

    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-30758

    Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.... Read more

    Affected Products : android dex
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-2340

    The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity r... Read more

    Affected Products : granite_data_services
    • Published: Mar. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2020-23562

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.... Read more

    Affected Products : irfanview
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34640

    The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.... Read more

    Affected Products : cva6
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34643

    RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.... Read more

    Affected Products : spike_risc-v_isa_simulator
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-21559

    Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with lo... Read more

    Affected Products : commerce_platform
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33440

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.... Read more

    Affected Products : mjs
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294690 Results