Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-22592

    A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from bein... Read more

    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-22591

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-22590

    A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code executio... Read more

    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-22589

    A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javas... Read more

    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-22588

    A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service.... Read more

    Affected Products : iphone_os ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2022-22586

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-22585

    An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application ma... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-22584

    A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-22583

    A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files.... Read more

    Affected Products : macos mac_os_x
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-22582

    A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write a... Read more

    Affected Products : macos mac_os_x
    • Published: Feb. 27, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-22579

    An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL fi... Read more

    Affected Products : macos mac_os_x iphone_os tvos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-22578

    A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-22577

    An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.... Read more

    Affected Products : debian_linux rails actionpack actionpack
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2022-22576

    An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this tr... Read more

    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-22572

    A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.... Read more

    Affected Products : incapptic_connect
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2022-22571

    An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.... Read more

    Affected Products : incapptic_connect
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2022-22570

    A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in... Read more

    Affected Products : ua_lite_firmware ua_lite
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.1

    MEDIUM
    CVE-2022-22567

    Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-22566

    Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-22565

    Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive... Read more

    • Published: Apr. 12, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294863 Results