Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2022-29084

    Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain a... Read more

    • EPSS Score: %1.43
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30914

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30919

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30920

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30922

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-35081

    Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Indu... Read more

    • EPSS Score: %0.32
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-22087

    memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ... Read more

    • EPSS Score: %0.37
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-2874

    Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 have a default password of root for the root account, which allows remote attackers to obtain administra... Read more

    • EPSS Score: %4.72
    • Published: Dec. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-20127

    In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi... Read more

    Affected Products : android
    • EPSS Score: %28.27
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20145

    In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges nee... Read more

    Affected Products : android
    • EPSS Score: %33.55
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20167

    Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20825

    A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resultin... Read more

    • EPSS Score: %3.58
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-24562

    In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remot... Read more

    Affected Products : iotransfer
    • EPSS Score: %54.61
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2016-0856

    Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %60.94
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-0857

    Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %8.21
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2022-31795

    An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-na... Read more

    • EPSS Score: %11.76
    • Published: Jun. 20, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-26147

    The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection.... Read more

    Affected Products : rg502q-ea_firmware rg502q-ea
    • EPSS Score: %12.99
    • Published: Jun. 21, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-32534

    The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.... Read more

    Affected Products : pra-es8p2s_firmware pra-es8p2s
    • EPSS Score: %2.83
    • Published: Jun. 23, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2015-6412

    Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug ID CSCut88070.... Read more

    • EPSS Score: %1.94
    • Published: Jan. 22, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-8362

    The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerab... Read more

    Affected Products : amx_firmware
    • EPSS Score: %7.47
    • Published: Jan. 22, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 290974 Results