Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-48731

    In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devm_request_free_mem_region() and devm_memremap_pages() to add ZONE_DEVICE memory, if requested free mem region's end pfn we... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-48708

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was deref... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2022-48687

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is real... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48654

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48518

    Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package n... Read more

    Affected Products : emui harmonyos
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48706

    In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvf_mgmt_dev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifc... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2022-48673

    In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implemen... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48460

    In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +3 more products
    • Published: Nov. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48628

    In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting When unmounting all the dirty buffers will be flushed and after the last osd request is finished the last reference of the i_count will be r... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Jan. 13, 2025

  • 5.5

    MEDIUM
    CVE-2022-48303

    GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in ... Read more

    Affected Products : fedora tar
    • Published: Jan. 30, 2023
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2022-48305

    There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.... Read more

    Affected Products : simba-al00_firmware simba-al00
    • Published: Feb. 27, 2023
    • Modified: Mar. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-48310

    An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.... Read more

    Affected Products : connect
    • Published: Mar. 01, 2023
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2022-48463

    In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Dec. 04, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48545

    An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.... Read more

    Affected Products : xpdf
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48065

    GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.... Read more

    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48281

    processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.... Read more

    Affected Products : debian_linux libtiff
    • Published: Jan. 23, 2023
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2022-48067

    An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.... Read more

    Affected Products : a830r_firmware a830r
    • Published: Jan. 27, 2023
    • Modified: Mar. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-48063

    GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.... Read more

    Affected Products : binutils
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-47929

    In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Jan. 17, 2023
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2022-47662

    GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662... Read more

    Affected Products : gpac
    • Published: Jan. 05, 2023
    • Modified: Apr. 10, 2025
Showing 20 of 293511 Results