Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-34660

    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < ... Read more

    Affected Products : teamcenter
    • Published: Aug. 10, 2022
    • Modified: Sep. 08, 2025

  • 9.8

    CRITICAL
    CVE-2024-9009

    A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the argument subid leads to sql injection. The attack may be ... Read more

    Affected Products : online_quiz_site
    • Published: Sep. 20, 2024
    • Modified: Sep. 25, 2024

  • 9.8

    CRITICAL
    CVE-2022-35280

    IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634.... Read more

    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-20239

    remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProd... Read more

    Affected Products : android
    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-35522

    WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.... Read more

    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-35538

    WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.... Read more

    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-38130

    The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an U... Read more

    Affected Products : sensor_management_server
    • Published: Aug. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-2746

    A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin_ add.php. The manipulation leads to unrestricted upload. The attack can be initiated rem... Read more

    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-20403

    Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A... Read more

    Affected Products : android
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-28750

    Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.1... Read more

    Affected Products : meeting_connector
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-2801

    A vulnerability, which was classified as critical, was found in SourceCodester Automated Beer Parlour Billing System. This affects an unknown part of the component Login. The manipulation of the argument username leads to sql injection. It is possible to ... Read more

    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-2314

    The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.... Read more

    Affected Products : vr_calendar
    • Published: Aug. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-2812

    A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to sql injection. The attack can be initiated r... Read more

    Affected Products : guest_management_system
    • Published: Aug. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-38221

    A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code.... Read more

    Affected Products : linux_kernel windows the_isle_evrima
    • Published: Aug. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-36523

    D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php.... Read more

    Affected Products : go-rt-ac750_firmware go-rt-ac750
    • Published: Aug. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-2847

    A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. Th... Read more

    Affected Products : guest_management_system
    • Published: Aug. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-23747

    In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.... Read more

    • Published: Aug. 17, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-35602

    A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user.... Read more

    Affected Products : inventorymanagementsystem
    • Published: Aug. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2014-125044

    A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This affects an unknown part of the file index.php. The manipulation of the argument p leads to file inclusion. It is possible to initiate the attack remotely. Upgradin... Read more

    Affected Products : wing-tight
    • Published: Jan. 05, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2025-4342

    A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched rem... Read more

    Affected Products : dir-600l_firmware dir-600l
    • Published: May. 06, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293651 Results