Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-41552

    Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center An... Read more

    • Published: Nov. 01, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41386

    The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.... Read more

    Affected Products : d8s-utility
    • Published: Oct. 11, 2022
    • Modified: May. 20, 2025

  • 9.8

    CRITICAL
    CVE-2022-41403

    OpenCart 3.x Newsletter Custom Popup was discovered to contain a SQL injection vulnerability via the email parameter at index.php?route=extension/module/so_newletter_custom_popup/newsletter.... Read more

    • Published: Oct. 12, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-41415

    Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable.... Read more

    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-41238

    A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.... Read more

    Affected Products : dotci
    • Published: Sep. 21, 2022
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-41384

    The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.... Read more

    Affected Products : d8s-domains
    • Published: Oct. 11, 2022
    • Modified: May. 20, 2025

  • 9.8

    CRITICAL
    CVE-2022-41138

    In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.... Read more

    Affected Products : zutty
    • Published: Sep. 20, 2022
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-41018

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41006

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41008

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41019

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41001

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-40997

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41007

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41003

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-40999

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequ... Read more

    Affected Products : quartz-gold_firmware quartz-gold
    • Published: Jan. 26, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-40916

    Tiny File Manager v2.4.7 and below is vulnerable to session fixation.... Read more

    Affected Products : tiny_file_manager
    • Published: Feb. 06, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2022-40984

    Stack-based buffer overflow in WTViewerE series WTViewerE 761941 from 1.31 to 1.61 and WTViewerEfree from 1.01 to 1.52 allows an attacker to cause the product to crash by processing a long file name.... Read more

    Affected Products : wtviewere_761941 wtviewerefree
    • Published: Oct. 24, 2022
    • Modified: May. 07, 2025

  • 9.8

    CRITICAL
    CVE-2022-40889

    Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php.... Read more

    Affected Products : phpok
    • Published: Oct. 18, 2022
    • Modified: May. 13, 2025

  • 9.8

    CRITICAL
    CVE-2022-40942

    Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time.... Read more

    Affected Products : tx3_firmware tx3
    • Published: Sep. 28, 2022
    • Modified: May. 21, 2025
Showing 20 of 293329 Results