Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2022-38955

    An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either intro... Read more

    Affected Products : wpn824ext_firmware wpn824ext
    • EPSS Score: %0.04
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 8.8

    HIGH
    CVE-2022-38931

    A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.... Read more

    Affected Products : baijiacms
    • EPSS Score: %1.24
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-38619

    SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf.... Read more

    Affected Products : smartvista_front-end
    • EPSS Score: %0.38
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-38178

    By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.... Read more

    • EPSS Score: %0.67
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-38177

    By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.... Read more

    • EPSS Score: %0.62
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-37884

    A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in th... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.48
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37882

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37881

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37880

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37879

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37878

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-37395

    A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks.Affected product versions include:CV81-WDM FW versions 01.70.49.29.46.... Read more

    Affected Products : cv81-wdm_fw_firmware cv81-wdm_fw
    • EPSS Score: %0.18
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35090

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.... Read more

    Affected Products : swftools
    • EPSS Score: %0.04
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35089

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35088

    SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35087

    SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35086

    SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 6.5

    MEDIUM
    CVE-2022-33735

    There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed.... Read more

    Affected Products : ws7200-10_firmware ws7200-10
    • EPSS Score: %0.07
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 6.5

    MEDIUM
    CVE-2022-32880

    This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • EPSS Score: %0.24
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.8

    HIGH
    CVE-2022-32802

    A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos ipados
    • EPSS Score: %0.11
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025
Showing 20 of 291756 Results