Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-29021

    A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.... Read more

    Affected Products : openrazer
    • EPSS Score: %0.11
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-29130

    Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability... Read more

    • EPSS Score: %8.53
    • Published: May. 10, 2022
    • Modified: Jan. 02, 2025

  • 9.8

    CRITICAL
    CVE-2021-38395

    Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.... Read more

    • EPSS Score: %0.14
    • Published: Oct. 28, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-7979

    Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.... Read more

    Affected Products : ghostscript
    • EPSS Score: %1.61
    • Published: May. 23, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2016-7984

    The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().... Read more

    Affected Products : tcpdump
    • EPSS Score: %0.93
    • Published: Jan. 28, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2022-31689

    VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.... Read more

    Affected Products : workspace_one_assist
    • EPSS Score: %0.57
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2018-18312

    Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.... Read more

    • EPSS Score: %9.34
    • Published: Dec. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-34476

    ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.... Read more

    Affected Products : firefox
    • EPSS Score: %0.26
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-36320

    Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary cod... Read more

    Affected Products : firefox
    • EPSS Score: %0.31
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-27971

    Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.... Read more

    • EPSS Score: %0.64
    • Published: Apr. 28, 2023
    • Modified: Jan. 30, 2025

  • 9.8

    CRITICAL
    CVE-2022-45315

    Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : routeros
    • EPSS Score: %0.70
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-41794

    A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability... Read more

    Affected Products : debian_linux openimageio
    • EPSS Score: %0.36
    • Published: Dec. 22, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41853

    Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpat... Read more

    Affected Products : debian_linux hypersql_database
    • EPSS Score: %70.78
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42756

    Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve ... Read more

    Affected Products : fortiweb
    • EPSS Score: %82.16
    • Published: Feb. 16, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9013

    Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the databas... Read more

    Affected Products : ubuntu_linux fedora django
    • EPSS Score: %2.72
    • Published: Dec. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2021-21994

    SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.... Read more

    Affected Products : esxi cloud_foundation
    • EPSS Score: %0.11
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-46280

    A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file t... Read more

    Affected Products : open_babel
    • EPSS Score: %0.34
    • Published: Jul. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-46353

    A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more

    • EPSS Score: %1.40
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-34470

    Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • EPSS Score: %0.15
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-37460

    Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary fi... Read more

    Affected Products : plexus-archiver
    • EPSS Score: %36.05
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291615 Results