Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-40357

    A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection ... Read more

    Affected Products : z-blogphp
    • EPSS Score: %2.66
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-40009

    SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.32
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-40008

    SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.44
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-38955

    An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either intro... Read more

    Affected Products : wpn824ext_firmware wpn824ext
    • EPSS Score: %0.04
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 8.8

    HIGH
    CVE-2022-38931

    A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.... Read more

    Affected Products : baijiacms
    • EPSS Score: %1.24
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 9.8

    CRITICAL
    CVE-2022-38619

    SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf.... Read more

    Affected Products : smartvista_front-end
    • EPSS Score: %0.38
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-38178

    By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.... Read more

    • EPSS Score: %0.67
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-38177

    By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.... Read more

    • EPSS Score: %0.62
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-37884

    A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in th... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.48
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37882

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37881

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37880

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37879

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.2

    HIGH
    CVE-2022-37878

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the und... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.57
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 7.5

    HIGH
    CVE-2022-37395

    A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks.Affected product versions include:CV81-WDM FW versions 01.70.49.29.46.... Read more

    Affected Products : cv81-wdm_fw_firmware cv81-wdm_fw
    • EPSS Score: %0.18
    • Published: Sep. 20, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35090

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.... Read more

    Affected Products : swftools
    • EPSS Score: %0.04
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35089

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35088

    SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35087

    SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025

  • 5.5

    MEDIUM
    CVE-2022-35086

    SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.... Read more

    Affected Products : swftools
    • EPSS Score: %0.03
    • Published: Sep. 21, 2022
    • Modified: May. 28, 2025
Showing 20 of 291779 Results