Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-46718

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jun. 23, 2023
    • Modified: Dec. 05, 2024

  • 5.5

    MEDIUM
    CVE-2022-46710

    A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-46703

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. An app may be able to read sensitive location information... Read more

    Affected Products : macos iphone_os ipados
    • Published: Apr. 10, 2023
    • Modified: Feb. 11, 2025

  • 5.5

    MEDIUM
    CVE-2022-46490

    GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.... Read more

    Affected Products : gpac
    • Published: Jan. 05, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-46457

    NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.... Read more

    Affected Products : netwide_assembler nasm
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-46486

    A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.... Read more

    Affected Products : scone
    • Published: Dec. 30, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-45869

    A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.... Read more

    Affected Products : linux_kernel
    • Published: Nov. 30, 2022
    • Modified: Apr. 24, 2025

  • 5.5

    MEDIUM
    CVE-2022-45386

    Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.... Read more

    Affected Products : violations
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 5.5

    MEDIUM
    CVE-2017-6009

    An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negativ... Read more

    • Published: Feb. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-45154

    A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of ... Read more

    • Published: Feb. 15, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-45146

    An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zer... Read more

    • Published: Nov. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44517

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44498

    Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR... Read more

    Affected Products : macos windows illustrator
    • Published: Dec. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44519

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-44422

    In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-45109

    Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    • Published: Nov. 14, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44431

    In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44612

    Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.... Read more

    Affected Products : unison
    • Published: Aug. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44424

    In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +4 more products
    • Published: Jan. 04, 2023
    • Modified: Apr. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44316

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken.... Read more

    Affected Products : picoc
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025
Showing 20 of 293499 Results