Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 9.9

    CRITICAL
    CVE-2024-52429

    Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0.... Read more

    Affected Products : wp_quick_setup
    • Published: Nov. 18, 2024
    • Modified: Nov. 20, 2024
  • 9.9

    CRITICAL
    CVE-2022-26420

    An OS command injection vulnerability exists in the console infactory_port functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests ... Read more

    • EPSS Score: %9.34
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-26085

    An OS command injection vulnerability exists in the httpd wlscan_ASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigg... Read more

    • EPSS Score: %2.68
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-36992

    An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execu... Read more

    • EPSS Score: %1.05
    • Published: Jul. 28, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2025-33024

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All ... Read more

    • Published: May. 13, 2025
    • Modified: May. 13, 2025
  • 9.9

    CRITICAL
    CVE-2022-2234

    An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.... Read more

    Affected Products : mypro
    • EPSS Score: %2.01
    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-2104

    The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).... Read more

    • EPSS Score: %0.24
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-36130

    HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized users of another scope. Fixed in Boundary 0.10.2.... Read more

    Affected Products : boundary
    • EPSS Score: %0.24
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2021-36782

    A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This ... Read more

    Affected Products : rancher rancher
    • EPSS Score: %77.97
    • Published: Sep. 07, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-39206

    Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket (e.g. /var/run/docker.sock on Linux) is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a proje... Read more

    Affected Products : onedev
    • EPSS Score: %0.62
    • Published: Sep. 13, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-2471

    Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. Th... Read more

    • EPSS Score: %1.74
    • Published: Sep. 15, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2025-48782

    An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file... Read more

    Affected Products :
    • Published: Jun. 06, 2025
    • Modified: Jun. 06, 2025
    • Vuln Type: Misconfiguration
  • 9.9

    CRITICAL
    CVE-2025-40585

    A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR component and tamper with outputs from the device.... Read more

    Affected Products :
    • Published: Jun. 10, 2025
    • Modified: Jun. 12, 2025
  • 9.9

    CRITICAL
    CVE-2022-42925

    There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the plugin upload component. The exploitation of this vulnera... Read more

    Affected Products : formalms
    • EPSS Score: %0.58
    • Published: Oct. 31, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-41934

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki lea... Read more

    Affected Products : xwiki
    • EPSS Score: %2.32
    • Published: Nov. 23, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2023-0016

    SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend... Read more

    • EPSS Score: %0.18
    • Published: Jan. 10, 2023
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2017-16256

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2017-16257

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2017-16258

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2017-16260

    Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.08
    • Published: Jan. 11, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291513 Results