Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2022-3214

    Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories u...

    Affected Products : diaenergie
    • EPSS Score: 3.10%
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-31706

    The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution....

    Affected Products : vrealize_log_insight
    • EPSS Score: 83.91%
    • Published: Jan. 26, 2023
    • Modified: Apr. 02, 2025
  • 9.8

    CRITICAL
    CVE-2022-31704

    The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution....

    Affected Products : vrealize_log_insight
    • EPSS Score: 78.52%
    • Published: Jan. 26, 2023
    • Modified: Apr. 02, 2025
  • 9.8

    CRITICAL
    CVE-2022-31702

    vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication....

    Affected Products : vrealize_network_insight
    • EPSS Score: 1.03%
    • Published: Dec. 14, 2022
    • Modified: Apr. 22, 2025
  • 9.8

    CRITICAL
    CVE-2022-31687

    VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application....

    Affected Products : workspace_one_assist
    • EPSS Score: 0.52%
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025
  • 9.8

    CRITICAL
    CVE-2022-31657

    VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain....

    • EPSS Score: 2.39%
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-31656

    VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need...

    • EPSS Score: 82.74%
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-30601

    Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access....

    • EPSS Score: 1.46%
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025
  • 9.8

    CRITICAL
    CVE-2022-29503

    A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability....

    • EPSS Score: 0.22%
    • Published: Sep. 29, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-29361

    Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can o...

    Affected Products : werkzeug
    • EPSS Score: 31.29%
    • Published: May. 25, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-28550

    Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will...

    Affected Products : jhead
    • EPSS Score: 0.09%
    • Published: Jun. 13, 2023
    • Modified: Jan. 03, 2025
  • 9.8

    CRITICAL
    CVE-2022-2826

    An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. TODO...

    Affected Products : gitlab
    • EPSS Score: 0.08%
    • Published: Oct. 28, 2022
    • Modified: May. 07, 2025
  • 9.8

    CRITICAL
    CVE-2022-28219

    Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution....

    Affected Products : manageengine_adaudit_plus
    • EPSS Score: 93.96%
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-28206

    An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights....

    Affected Products : mediawiki
    • EPSS Score: 0.36%
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-27811

    GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename....

    Affected Products : ocrfeeder
    • EPSS Score: 4.05%
    • Published: Mar. 24, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-27596

    A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QuTS hero, QTS: QuTS h...

    Affected Products : quts_hero qts
    • EPSS Score: 26.01%
    • Published: Jan. 30, 2023
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-26945

    go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0....

    Affected Products : go-getter
    • EPSS Score: 0.07%
    • Published: May. 25, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2020-14983

    The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack....

    • EPSS Score: 0.68%
    • Published: Jun. 22, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-26871

    An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution....

    Affected Products : apex_one apex_central
    • Actively Exploited
    • EPSS Score: 8.57%
    • Published: Mar. 29, 2022
    • Modified: Feb. 10, 2025
  • 9.8

    CRITICAL
    CVE-2020-14750

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthent...

    Affected Products : weblogic_server fusion_middleware
    • Actively Exploited
    • EPSS Score: 94.44%
    • Published: Nov. 02, 2020
    • Modified: Feb. 07, 2025
Showing 20 of 292055 Results