Latest CVE Feed

The following is a list of the most recently published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2022-37042

    Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading...

    Affected Products: collaboration
    • Actively Exploited
    • EPSS Score: 94.27%
    • Published: Aug. 12, 2022
    • Modified: Mar. 13, 2025
  • 9.8

    CRITICAL
    CVE-2022-3671

    A vulnerability classified as critical was found in SourceCodester eLearning System 1.0. This vulnerability affects unknown code of the file /admin/students/manage.php. The manipulation of the argument id leads to sql injection. The attack can be initiate...

    Affected Products: elearning_system elearning_system
    • EPSS Score: 0.04%
    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-36446

    software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command....

    Affected Products: webmin
    • EPSS Score: 93.71%
    • Published: Jul. 25, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-36412

    In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)...

    Affected Products: manageengine_supportcenter_plus
    • EPSS Score: 1.54%
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-3620

    A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name ...

    Affected Products: fedora exim
    • EPSS Score: 0.29%
    • Published: Oct. 20, 2022
    • Modified: May. 23, 2025
  • 9.8

    CRITICAL
    CVE-2020-26154

    url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header....

    Affected Products: fedora debian_linux leap libproxy
    • EPSS Score: 0.89%
    • Published: Sep. 30, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-36179

    Fusiondirectory 1.3 suffers from Improper Session Handling....

    Affected Products: fusiondirectory
    • EPSS Score: 0.12%
    • Published: Nov. 22, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-35929

    cosign is a container signing and verification utility. In versions prior to 1.10.1 cosign can report a false positive if any attestation exists. `cosign verify-attestation` used with the `--type` flag will report a false positive verification when there ...

    Affected Products: cosign
    • EPSS Score: 0.20%
    • Published: Aug. 04, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-35914

    /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection....

    Affected Products: glpi
    • Actively Exploited
    • EPSS Score: 94.40%
    • Published: Sep. 19, 2022
    • Modified: Mar. 12, 2025
  • 9.8

    CRITICAL
    CVE-2022-35843

    An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0...

    Affected Products: fortios fortiproxy
    • EPSS Score: 0.06%
    • Published: Dec. 06, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2020-2555

    Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthen...

    • Actively Exploited
    • EPSS Score: 93.16%
    • Published: Jan. 15, 2020
    • Modified: Feb. 14, 2025
  • 9.8

    CRITICAL
    CVE-2020-2551

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthent...

    Affected Products: weblogic_server
    • Actively Exploited
    • EPSS Score: 94.36%
    • Published: Jan. 15, 2020
    • Modified: Feb. 14, 2025
  • 9.8

    CRITICAL
    CVE-2022-35712

    Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not r...

    Affected Products: coldfusion
    • EPSS Score: 28.36%
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-35711

    Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not r...

    Affected Products: coldfusion
    • EPSS Score: 28.36%
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-35710

    Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not ...

    Affected Products: coldfusion
    • EPSS Score: 28.36%
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2020-24361

    SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec....

    Affected Products: debian_linux snmptt
    • EPSS Score: 0.57%
    • Published: Aug. 16, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-35690

    Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not ...

    Affected Products: coldfusion
    • EPSS Score: 19.63%
    • Published: Oct. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-34715

    Windows Network File System Remote Code Execution Vulnerability...

    Affected Products: windows_server_2022
    • EPSS Score: 58.37%
    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-34372

    Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker...

    Affected Products: powerprotect_cyber_recovery
    • EPSS Score: 0.17%
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-3236

    A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older....

    Affected Products: firewall firewall_firmware
    • Actively Exploited
    • EPSS Score: 92.73%
    • Published: Sep. 23, 2022
    • Modified: Mar. 27, 2025
Showing 20 of 292055 Results