Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-42872

    TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code.... Read more

    Affected Products : ex1200t_firmware ex1200t
    • EPSS Score: %10.32
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30918

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnet parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-30926

    H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMacList parameter at /goform/aspForm.... Read more

    Affected Products : magic_r100_firmware magic_r100
    • EPSS Score: %0.39
    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-29797

    There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.... Read more

    Affected Products : cv81-wdm_firmware cv81-wdm
    • EPSS Score: %0.22
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2024-52476

    Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through 1.5.3.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 10.0

    HIGH
    CVE-2021-30341

    Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra... Read more

    • EPSS Score: %0.36
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-25651

    Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music... Read more

    • EPSS Score: %0.32
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20130

    In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitati... Read more

    Affected Products : android
    • EPSS Score: %54.88
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20140

    In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr... Read more

    Affected Products : android
    • EPSS Score: %12.96
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20160

    Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-20191

    Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A... Read more

    Affected Products : android
    • EPSS Score: %0.13
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-9416

    In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Dec. 05, 2024
    • Modified: Dec. 18, 2024

  • 10.0

    CRITICAL
    CVE-2024-11317

    Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3... Read more

    • Published: Dec. 05, 2024
    • Modified: Apr. 10, 2025

  • 10.0

    CRITICAL
    CVE-2024-51550

    Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 10.0

    CRITICAL
    CVE-2024-51555

    Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS... Read more

    Affected Products :
    • Published: Dec. 05, 2024
    • Modified: Dec. 05, 2024

  • 10.0

    CRITICAL
    CVE-2022-1518

    LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure.... Read more

    • EPSS Score: %0.22
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-1519

    LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit.... Read more

    • EPSS Score: %0.22
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-1668

    Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP port for SSH.... Read more

    • EPSS Score: %0.52
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-31767

    IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980.... Read more

    Affected Products : linux_kernel cics_tx
    • EPSS Score: %1.44
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-40597

    The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.... Read more

    Affected Products : ic-3140w_firmware ic-3140w
    • EPSS Score: %0.64
    • Published: Jun. 29, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 290954 Results