Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-4012

    A vulnerability classified as critical has been found in Hospital Management Center. Affected is an unknown function of the file patient-info.php. The manipulation of the argument pt_id leads to sql injection. It is possible to launch the attack remotely.... Read more

    Affected Products : hospital_management_center
    • EPSS Score: %0.04
    • Published: Nov. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4136

    Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method.... Read more

    Affected Products : leadshop
    • EPSS Score: %0.09
    • Published: Nov. 24, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4011

    A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for log... Read more

    Affected Products : simple_history
    • EPSS Score: %0.07
    • Published: Nov. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4051

    A vulnerability has been found in Hostel Searching Project and classified as critical. This vulnerability affects unknown code of the file view-property.php. The manipulation of the argument property_id leads to sql injection. The attack can be initiated ... Read more

    Affected Products : hostel_searching_project
    • EPSS Score: %0.06
    • Published: Nov. 17, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4015

    A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/make_payments.php. The manipulation of the argument m_id/plan leads to sql injection. It is possible to initi... Read more

    Affected Products : sports_club_management_system
    • EPSS Score: %0.06
    • Published: Nov. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-17721

    CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.... Read more

    Affected Products : beims_contractorweb_.net
    • EPSS Score: %6.94
    • Published: Dec. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-7103

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged con... Read more

    Affected Products : iphone_os tvos watchos
    • EPSS Score: %4.93
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2022-48716

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chan_info array. So fi... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Apr. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-48565

    An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.... Read more

    Affected Products : debian_linux python
    • EPSS Score: %3.70
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48522

    In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.... Read more

    Affected Products : perl
    • EPSS Score: %9.92
    • Published: Aug. 22, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48335

    Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.... Read more

    Affected Products : trusted_application
    • EPSS Score: %0.12
    • Published: Jun. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48477

    In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing ... Read more

    Affected Products : hub
    • EPSS Score: %0.00
    • Published: Apr. 24, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48472

    A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.... Read more

    • EPSS Score: %1.42
    • Published: Jun. 16, 2023
    • Modified: Dec. 17, 2024

  • 9.8

    CRITICAL
    CVE-2022-48283

    A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.... Read more

    Affected Products : hilink_ai_life
    • EPSS Score: %0.10
    • Published: Feb. 27, 2023
    • Modified: Mar. 11, 2025

  • 9.8

    CRITICAL
    CVE-2022-48252

    The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan.php (scan parameter) OS Command Injection.... Read more

    Affected Products : pi.alert
    • EPSS Score: %1.32
    • Published: Jan. 11, 2023
    • Modified: Apr. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-48195

    An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authenticat... Read more

    Affected Products : sasl
    • EPSS Score: %0.33
    • Published: Dec. 31, 2022
    • Modified: Apr. 11, 2025

  • 9.8

    CRITICAL
    CVE-2022-48337

    GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use th... Read more

    Affected Products : debian_linux emacs
    • EPSS Score: %0.28
    • Published: Feb. 20, 2023
    • Modified: Mar. 18, 2025

  • 9.8

    CRITICAL
    CVE-2022-48066

    An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.... Read more

    Affected Products : a830r_firmware a830r
    • EPSS Score: %0.05
    • Published: Jan. 27, 2023
    • Modified: Mar. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-48121

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.... Read more

    Affected Products : a7100ru_firmware a7100ru
    • EPSS Score: %1.45
    • Published: Jan. 20, 2023
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2022-47966

    Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make ... Read more

    • Actively Exploited
    • EPSS Score: %94.43
    • Published: Jan. 18, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292523 Results