Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-31689

    VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.... Read more

    Affected Products : workspace_one_assist
    • EPSS Score: %0.57
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2018-18312

    Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.... Read more

    • EPSS Score: %8.54
    • Published: Dec. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-34476

    ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.... Read more

    Affected Products : firefox
    • EPSS Score: %0.26
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-36320

    Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary cod... Read more

    Affected Products : firefox
    • EPSS Score: %0.31
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-27971

    Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.... Read more

    • EPSS Score: %0.64
    • Published: Apr. 28, 2023
    • Modified: Jan. 30, 2025

  • 9.8

    CRITICAL
    CVE-2022-45315

    Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : routeros
    • EPSS Score: %0.93
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-41794

    A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability... Read more

    Affected Products : debian_linux openimageio
    • EPSS Score: %0.36
    • Published: Dec. 22, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-41853

    Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpat... Read more

    Affected Products : debian_linux hypersql_database
    • EPSS Score: %70.78
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42756

    Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve ... Read more

    Affected Products : fortiweb
    • EPSS Score: %82.16
    • Published: Feb. 16, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-9013

    Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the databas... Read more

    Affected Products : ubuntu_linux fedora django
    • EPSS Score: %2.72
    • Published: Dec. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2021-21994

    SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.... Read more

    Affected Products : esxi cloud_foundation
    • EPSS Score: %0.10
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-46280

    A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file t... Read more

    Affected Products : open_babel
    • EPSS Score: %0.34
    • Published: Jul. 21, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-46353

    A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more

    • EPSS Score: %1.40
    • Published: Dec. 13, 2022
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-34470

    Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • EPSS Score: %0.15
    • Published: Dec. 22, 2022
    • Modified: Apr. 15, 2025

  • 9.8

    CRITICAL
    CVE-2023-37460

    Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary fi... Read more

    Affected Products : plexus-archiver
    • EPSS Score: %36.05
    • Published: Jul. 25, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2023-37920

    Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates ... Read more

    • EPSS Score: %0.11
    • Published: Jul. 25, 2023
    • Modified: Feb. 13, 2025

  • 9.8

    CRITICAL
    CVE-2023-1708

    An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim mach... Read more

    Affected Products : gitlab
    • EPSS Score: %6.08
    • Published: Apr. 05, 2023
    • Modified: Feb. 10, 2025

  • 9.8

    CRITICAL
    CVE-2023-20162

    Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affe... Read more

    • EPSS Score: %0.30
    • Published: May. 18, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-7546

    PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.... Read more

    Affected Products : debian_linux postgresql
    • EPSS Score: %33.20
    • Published: Aug. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2023-40267

    GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.... Read more

    Affected Products : gitpython
    • EPSS Score: %0.34
    • Published: Aug. 11, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291806 Results