Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    CRITICAL
    CVE-2022-31518

    The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : python-recipe-database
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31536

    The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : ytdl-sync
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31508

    The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : e-voting
    • EPSS Score: %0.43
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31571

    The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : python-flask-restful-api
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31550

    The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : python_athena_stack
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31516

    The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : harveyzyh_python
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31527

    The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : flask-file-server
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2010-2570

    Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Hea...

    Affected Products : publisher
    • EPSS Score: %62.13
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    CRITICAL
    CVE-2022-31515

    The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : carceresbe
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31517

    The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : mercury_sample_manager
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31503

    The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : orchest
    • EPSS Score: %0.55
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31559

    The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : flask-yeoman
    • EPSS Score: %0.44
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    CRITICAL
    CVE-2022-31526

    The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

    Affected Products : thunderdocs
    • EPSS Score: %0.41
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-30660

    Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti...

    Affected Products : macos windows indesign
    • EPSS Score: %2.96
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-30651

    Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this ...

    Affected Products : macos windows incopy
    • EPSS Score: %2.35
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-30652

    Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

    Affected Products : macos windows incopy
    • EPSS Score: %3.96
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2022-30665

    Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti...

    Affected Products : macos windows indesign
    • EPSS Score: %2.96
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2010-3215

    Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word R...

    Affected Products : office word
    • EPSS Score: %56.56
    • Published: Oct. 13, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2022-30141

    Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...

    • EPSS Score: %9.95
    • Published: Jun. 15, 2022
    • Modified: Jan. 02, 2025
  • 9.3

    HIGH
    CVE-2021-3621

    A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via ...

    • EPSS Score: %0.28
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292387 Results