Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    CRITICAL
    CVE-2022-30123

    A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow a possible shell escape in the Lint and CommonLogger components of Rack....

    Affected Products : debian_linux rack rack
    • Published: Dec. 05, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-30136

    Windows Network File System Remote Code Execution Vulnerability...

    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025
  • 10.0

    CRITICAL
    CVE-2022-2972

    MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code...

    Affected Products : libiec61850
    • Published: Sep. 23, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2022-2970

    MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code....

    Affected Products : libiec61850
    • Published: Sep. 23, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2010-3559

    Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the prev...

    Affected Products : jre sdk jdk
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025
  • 10.0

    CRITICAL
    CVE-2022-2422

    Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used....

    Affected Products : feathers-sequelize
    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2008-4562

    Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-...

    Affected Products : openview_network_node_manager
    • Published: Feb. 08, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2022-29645

    TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample....

    Affected Products : a3100r_firmware a3100r
    • Published: May. 18, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29560

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All vers...

    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29591

    Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow....

    Affected Products : tx9_pro_firmware tx9_pro
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29516

    The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2...

    • Published: May. 18, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29395

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4....

    Affected Products : n600r_firmware n600r
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29392

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24....

    Affected Products : n600r_firmware n600r
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29396

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10....

    Affected Products : n600r_firmware n600r
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29326

    D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter....

    Affected Products : dir-816_firmware dir-816
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29464

    Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../...

    • Actively Exploited
    • Published: Apr. 18, 2022
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2022-29328

    D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade....

    Affected Products : dap-1330_firmware dap-1330
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29391

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8....

    Affected Products : n600r_firmware n600r
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29394

    TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448....

    Affected Products : n600r_firmware n600r
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2022-29327

    D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel....

    Affected Products : dir-816_firmware dir-816
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293353 Results