Latest CVE Feed
-
8.1
HIGHCVE-2022-35767
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %0.84
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
8.1
HIGHCVE-2022-35766
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +2 more products- EPSS Score: %0.63
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
7.8
HIGHCVE-2022-35765
Storage Spaces Direct Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows windows_10_21h1 +1 more products- EPSS Score: %2.80
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
7.8
HIGHCVE-2022-35764
Storage Spaces Direct Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows windows_10_21h1 +1 more products- EPSS Score: %2.80
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
7.8
HIGHCVE-2022-35763
Storage Spaces Direct Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows windows_10_21h1 +1 more products- EPSS Score: %2.80
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
7.8
HIGHCVE-2022-35762
Storage Spaces Direct Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows windows_10_21h1 +1 more products- EPSS Score: %2.80
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
7.8
HIGHCVE-2022-35761
Windows Kernel Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 +3 more products- EPSS Score: %10.79
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
5.9
MEDIUMCVE-2022-34716
.NET Spoofing Vulnerability... Read more
Affected Products : powershell_core .net_core visual_studio_2017 visual_studio_2019 .net powershell visual_studio_2022- EPSS Score: %0.96
- Published: Aug. 09, 2022
- Modified: May. 29, 2025
-
8.8
HIGHCVE-2024-5246
NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required t... Read more
- Published: May. 23, 2024
- Modified: May. 29, 2025
-
9.3
CRITICALCVE-2024-40505
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.... Read more
- Published: Jul. 16, 2024
- Modified: May. 29, 2025
-
6.1
MEDIUMCVE-2025-29690
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java.... Read more
Affected Products : oa_system- Published: May. 14, 2025
- Modified: May. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.1
MEDIUMCVE-2025-29689
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the password parameter at /mail/MailController.java.... Read more
Affected Products : oa_system- Published: May. 14, 2025
- Modified: May. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.1
MEDIUMCVE-2025-29688
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java.... Read more
Affected Products : oa_system- Published: May. 14, 2025
- Modified: May. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.1
MEDIUMCVE-2025-29686
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java.... Read more
Affected Products : oa_system- Published: May. 14, 2025
- Modified: May. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.1
MEDIUMCVE-2025-29691
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.... Read more
Affected Products : oa_system- Published: May. 14, 2025
- Modified: May. 29, 2025
- Vuln Type: Cross-Site Scripting
-
5.8
MEDIUMCVE-2024-21084
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi... Read more
Affected Products : bi_publisher- Published: Apr. 16, 2024
- Modified: May. 29, 2025
-
6.5
MEDIUMCVE-2024-21091
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with n... Read more
Affected Products : agile_product_lifecycle_management_for_process- Published: Apr. 16, 2024
- Modified: May. 29, 2025
-
2.5
LOWCVE-2024-21002
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more
- Published: Apr. 16, 2024
- Modified: May. 29, 2025
-
9.8
CRITICALCVE-2022-41238
A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.... Read more
Affected Products : dotci- EPSS Score: %0.82
- Published: Sep. 21, 2022
- Modified: May. 29, 2025
-
5.5
MEDIUMCVE-2022-37347
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This... Read more
- EPSS Score: %0.08
- Published: Sep. 19, 2022
- Modified: May. 29, 2025