Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-1055

    A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit... Read more

    Affected Products : fedora directory_server
    • Published: Feb. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0597

    A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some impor... Read more

    Affected Products : linux_kernel
    • Published: Feb. 23, 2023
    • Modified: Mar. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-0615

    A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to c... Read more

    Affected Products : linux_kernel
    • Published: Feb. 06, 2023
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-0593

    A path traversal vulnerability affects yaffshiv YAFFS filesystem extractor. By crafting a malicious YAFFS file, an attacker could force yaffshiv to write outside of the extraction directory. This issue affects yaffshiv up to version 0.1 included, which i... Read more

    Affected Products : yaffshiv
    • Published: Jan. 31, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0483

    An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible for a project maintainer to extract a Datadog int... Read more

    Affected Products : gitlab
    • Published: Mar. 09, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-0204

    Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulne... Read more

    Affected Products : outlook
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2023-0446

    The My YouTube Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 3.0.12.1 due to insufficient input sanitization and output escaping. This makes it possible for authenti... Read more

    Affected Products : my_youtube_channel
    • Published: Jan. 23, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0592

    A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1. ... Read more

    Affected Products : jefferson
    • Published: Jan. 31, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0295

    The Launchpad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its settings parameters in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for authenti... Read more

    • Published: Jan. 13, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-0114

    A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or ... Read more

    • Published: Jan. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4954

    The Waiting: One-click countdowns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown name in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authe... Read more

    Affected Products : waiting
    • Published: Oct. 20, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4818

    A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulatio... Read more

    Affected Products : open_studio_for_mdm
    • Published: Dec. 28, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4964

    Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.... Read more

    Affected Products : ubuntu_pipewire-pulse
    • Published: Jan. 24, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-4842

    A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 12, 2023
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2022-4610

    A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. ... Read more

    Affected Products : passwordstate
    • Published: Dec. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4415

    A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.... Read more

    Affected Products : systemd
    • Published: Jan. 11, 2023
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-4519

    The WP User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,... Read more

    Affected Products : wp_user
    • Published: Dec. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-4365

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changin... Read more

    Affected Products : gitlab
    • Published: Jan. 12, 2023
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2022-4285

    An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.... Read more

    Affected Products : enterprise_linux fedora binutils
    • Published: Jan. 27, 2023
    • Modified: Mar. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-4121

    In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences.... Read more

    Affected Products : libetpan
    • Published: Jan. 17, 2023
    • Modified: Apr. 04, 2025
Showing 20 of 293605 Results