Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-20440

    In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918... Read more

    Affected Products : android
    • Published: Oct. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-1415

    Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455.... Read more

    Affected Products : webex_meetings webex_wrf_player_t29
    • Published: Sep. 03, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-29030

    A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow co... Read more

    Affected Products : jt2go teamcenter_visualization
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-39112

    In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2016-3884

    server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass intended restrictions on method calls via a crafted appli... Read more

    Affected Products : android
    • Published: Sep. 11, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-39121

    In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025

  • 5.5

    MEDIUM
    CVE-2022-40885

    Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service.... Read more

    Affected Products : bento4
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-43677

    In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString.... Read more

    Affected Products : free5gc
    • Published: Oct. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-33180

    A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”.... Read more

    Affected Products : fabric_operating_system
    • Published: Oct. 25, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-43148

    rtf2html v0.2.0 was discovered to contain a heap overflow in the component /rtf2html/./rtf_tools.h.... Read more

    Affected Products : rtf2html
    • Published: Oct. 31, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2016-3860

    sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 2932314... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-40276

    Zettlr version 2.3.0 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Zettlr. This is possible because the application does not have a CSP policy (or at least not st... Read more

    Affected Products : zettlr
    • Published: Nov. 03, 2022
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2022-44745

    Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.... Read more

    Affected Products : cyber_protect_home_office
    • Published: Nov. 07, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2016-6681

    drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a craf... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-6682

    drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a craf... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-3690

    The Popup Maker WordPress plugin before 1.16.11 does not sanitise and escape some of its Popup options, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks, which could be used against admins... Read more

    Affected Products : popup_maker
    • Published: Nov. 21, 2022
    • Modified: Apr. 29, 2025

  • 5.5

    MEDIUM
    CVE-2016-5600

    Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2022-38679

    In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2022-4216

    The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebook_appid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenti... Read more

    Affected Products : chained_quiz
    • Published: Dec. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-56428

    The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext credentials (from the CONFIGS table) for their servers configured in the client.... Read more

    Affected Products : ilabclient
    • Published: May. 21, 2025
    • Modified: Jun. 25, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 294605 Results