Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-32567

    Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236... Read more

    Affected Products : avalanche
    • EPSS Score: %0.37
    • Published: Aug. 10, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48284

    A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.... Read more

    Affected Products : hilink_ai_life
    • EPSS Score: %0.10
    • Published: Feb. 27, 2023
    • Modified: Mar. 11, 2025

  • 9.8

    CRITICAL
    CVE-2022-48479

    The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.... Read more

    Affected Products : harmonyos
    • EPSS Score: %0.12
    • Published: May. 26, 2023
    • Modified: Jan. 15, 2025

  • 9.8

    CRITICAL
    CVE-2019-18316

    A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 1099/tcp. Pl... Read more

    Affected Products : sppa-t3000_application_server
    • EPSS Score: %1.72
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-48334

    Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow.... Read more

    Affected Products : trusted_application
    • EPSS Score: %0.08
    • Published: Jun. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-13919

    emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n,... Read more

    Affected Products : unleashed_firmware r310 r500 r600 t300 t301n t301s h320 h510 r710 +15 more products
    • EPSS Score: %0.77
    • Published: Jul. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-19783

    Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel.... Read more

    • EPSS Score: %5.66
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42772

    Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt vario... Read more

    • EPSS Score: %0.67
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-25011

    A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via th... Read more

    • EPSS Score: %0.62
    • Published: Dec. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-30481

    Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.... Read more

    • EPSS Score: %0.30
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-43003

    D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.... Read more

    Affected Products : dir-816_firmware dir-816
    • EPSS Score: %0.38
    • Published: Oct. 26, 2022
    • Modified: May. 07, 2025

  • 9.8

    CRITICAL
    CVE-2022-43103

    Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.... Read more

    Affected Products : ac23_firmware ac23
    • EPSS Score: %0.09
    • Published: Nov. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-4880

    A vulnerability was found in stakira OpenUtau. It has been classified as critical. This affects the function VoicebankInstaller of the file OpenUtau.Core/Classic/VoicebankInstaller.cs of the component ZIP Archive Handler. The manipulation leads to path tr... Read more

    Affected Products : openutau
    • EPSS Score: %0.09
    • Published: Jan. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-43262

    Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php.... Read more

    • EPSS Score: %0.07
    • Published: Nov. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-33362

    Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.... Read more

    Affected Products : piwigo
    • EPSS Score: %0.37
    • Published: May. 23, 2023
    • Modified: Apr. 16, 2025

  • 9.8

    CRITICAL
    CVE-2023-33338

    Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.... Read more

    Affected Products : old_age_home_management_system
    • EPSS Score: %66.88
    • Published: May. 23, 2023
    • Modified: Jan. 31, 2025

  • 9.8

    CRITICAL
    CVE-2022-43755

    A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions prior to 2.6.10; Rancher versions ... Read more

    Affected Products : rancher rancher
    • EPSS Score: %0.10
    • Published: Feb. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9023

    Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.... Read more

    Affected Products : exponent_cms
    • EPSS Score: %0.61
    • Published: Dec. 31, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-4395

    The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.... Read more

    Affected Products : membership_for_woocommerce
    • EPSS Score: %74.44
    • Published: Jan. 30, 2023
    • Modified: Mar. 27, 2025

  • 9.8

    CRITICAL
    CVE-2018-19925

    An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.... Read more

    • EPSS Score: %0.26
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291722 Results