Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-28477

    Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.... Read more

    Affected Products : concrete_cms concrete5
    • Published: Apr. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-21495

    Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.... Read more

    Affected Products : android android dex
    • Published: May. 04, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38685

    In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44419

    In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-47487

    In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48233

    In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48370

    In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48371

    In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48376

    In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48379

    In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: May. 09, 2023
    • Modified: Jan. 28, 2025

  • 5.5

    MEDIUM
    CVE-2023-30088

    An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.... Read more

    Affected Products : mjs
    • Published: May. 09, 2023
    • Modified: Jan. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-25976

    Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : virtual_raid_on_cpu
    • Published: May. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-41621

    Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : quickassist_technology
    • Published: May. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-46645

    Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.9 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products : smart_campus
    • Published: May. 10, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2782

    Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.3.1-38.... Read more

    Affected Products : cyber_infrastructure
    • Published: May. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-40108

    In multiple locations, there is a possible way to access media content belonging to another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee... Read more

    Affected Products : android
    • Published: Jan. 21, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2023-2871

    A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null poi... Read more

    Affected Products : usb_for_remote_desktop
    • Published: May. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2875

    A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereferenc... Read more

    Affected Products : escan_anti-virus
    • Published: May. 24, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-2436

    The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blog_in_blog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ... Read more

    Affected Products : blog-in-blog
    • Published: May. 31, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-33719

    mp4v2 v2.1.3 was discovered to contain a memory leak via MP4SdpAtom::Read() at atom_sdp.cpp... Read more

    Affected Products : mp4v2
    • Published: Jun. 01, 2023
    • Modified: Jan. 09, 2025
Showing 20 of 294282 Results