Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-44500

    Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR... Read more

    Affected Products : macos windows illustrator
    • EPSS Score: %0.04
    • Published: Dec. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-44499

    Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR... Read more

    Affected Products : macos windows illustrator
    • EPSS Score: %0.04
    • Published: Dec. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-43640

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %0.58
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-42862

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.01
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42846

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.04
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42821

    A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.... Read more

    Affected Products : macos
    • EPSS Score: %0.01
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42790

    A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.06
    • Published: Nov. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-42325

    Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.03
    • Published: Nov. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-41104

    Microsoft Excel Security Feature Bypass Vulnerability... Read more

    • EPSS Score: %0.44
    • Published: Nov. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38864

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.... Read more

    Affected Products : debian_linux mplayer mencoder
    • EPSS Score: %0.04
    • Published: Sep. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38855

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.... Read more

    Affected Products : debian_linux mplayer mencoder
    • EPSS Score: %0.04
    • Published: Sep. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-38851

    Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.... Read more

    Affected Products : debian_linux mplayer mencoder
    • EPSS Score: %0.03
    • Published: Sep. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37383

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %0.86
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37382

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %1.04
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-37380

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • EPSS Score: %1.04
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-3644

    The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.... Read more

    • EPSS Score: %0.03
    • Published: Oct. 25, 2022
    • Modified: May. 07, 2025

  • 5.5

    MEDIUM
    CVE-2022-3483

    An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog integrati... Read more

    Affected Products : gitlab
    • EPSS Score: %0.21
    • Published: Nov. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34266

    The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as ... Read more

    Affected Products : libtiff linux_2
    • EPSS Score: %0.03
    • Published: Jul. 19, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34248

    Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage t... Read more

    Affected Products : macos windows indesign
    • EPSS Score: %0.12
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-33197

    Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6. ... Read more

    Affected Products : craft_cms
    • EPSS Score: %0.30
    • Published: May. 26, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291890 Results