Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2022-22727

    A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user's local machine when the user clicks a specially crafted...

    • EPSS Score: %0.84
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2021-30317

    Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industr...

    • EPSS Score: %0.04
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2021-35122

    Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl...

    • EPSS Score: %0.05
    • Published: Sep. 02, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-23677

    A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16....

    • EPSS Score: %6.49
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-37583

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write)....

    • EPSS Score: %0.60
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-25090

    Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition....

    Affected Products : printix
    • EPSS Score: %11.08
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-27185

    A denial of service vulnerability exists in the confctl_set_master_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability....

    • EPSS Score: %0.29
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2019-2028

    In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...

    Affected Products : android
    • EPSS Score: %0.37
    • Published: Apr. 19, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-38099

    CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of th...

    Affected Products : photopaint_2020
    • EPSS Score: %0.33
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2013-6820

    Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors....

    • EPSS Score: %3.78
    • Published: Nov. 20, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    CRITICAL
    CVE-2022-31540

    The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely....

    Affected Products : hin-eng-preprocessing
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31544

    The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely....

    Affected Products : robo-tom
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2010-4596

    Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request....

    Affected Products : helix_server helix_mobile_server
    • EPSS Score: %5.83
    • Published: Apr. 04, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2021-42631

    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution....

    • EPSS Score: %20.57
    • Published: Jan. 31, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2020-4467

    IBM i2 Intelligent Analysis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability t...

    Affected Products : windows i2_analysts_notebook
    • EPSS Score: %1.32
    • Published: May. 14, 2020
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2016-2487

    libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access,...

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025
  • 9.3

    CRITICAL
    CVE-2023-0104

    The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data....

    Affected Products : easybuilder_pro
    • EPSS Score: %2.47
    • Published: Feb. 22, 2023
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-20580

    The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file....

    Affected Products : readyapi
    • EPSS Score: %20.78
    • Published: May. 03, 2019
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2023-51434

    Some Honor products are affected by a buffer overflow vulnerability; successful exploitation could cause code execution....

    Affected Products : magic_ui
    • EPSS Score: %0.04
    • Published: Dec. 29, 2023
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2018-8935

    The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW....

    • EPSS Score: %0.60
    • Published: Mar. 22, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292512 Results