Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-47946

    An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Dec. 23, 2022
    • Modified: Apr. 15, 2025

  • 5.5

    MEDIUM
    CVE-2022-45869

    A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Nov. 30, 2022
    • Modified: Apr. 24, 2025

  • 5.5

    MEDIUM
    CVE-2022-44516

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-43045

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.04
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-42825

    This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file sy... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.02
    • Published: Nov. 01, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42310

    Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes alre... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.02
    • Published: Nov. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-41218

    In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.39
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-38437

    Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations s... Read more

    • EPSS Score: %0.10
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38406

    Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Explo... Read more

    Affected Products : macos windows incopy
    • EPSS Score: %0.03
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3637

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a ... Read more

    Affected Products : linux_kernel bluez
    • EPSS Score: %0.02
    • Published: Oct. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35758

    Windows Kernel Memory Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.27
    • Published: May. 31, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35668

    Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage th... Read more

    • EPSS Score: %0.05
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35017

    Advancecomp v2.3 was discovered to contain a heap buffer overflow.... Read more

    Affected Products : fedora advancecomp
    • EPSS Score: %0.03
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34708

    Windows Kernel Information Disclosure Vulnerability... Read more

    • EPSS Score: %3.88
    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-34495

    rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Jun. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34237

    Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabi... Read more

    • EPSS Score: %0.36
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-33070

    Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.... Read more

    Affected Products : fedora protobuf-c
    • EPSS Score: %0.05
    • Published: Jun. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-49627

    In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() fo... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 11, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2022-3105

    An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-3101

    A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the fil... Read more

    • EPSS Score: %0.01
    • Published: Mar. 23, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291773 Results