Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2022-1087

    A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated re... Read more

    Affected Products : htmly
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-1086

    A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to t... Read more

    Affected Products : dolphinphp
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-1085

    A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been dis... Read more

    Affected Products : cltphp
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1084

    A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The ... Read more

    Affected Products : one_church_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1083

    A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10))... Read more

    Affected Products : microfinance_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1082

    A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads t... Read more

    Affected Products : microfinance_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-1081

    A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surnam... Read more

    Affected Products : microfinance_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1080

    A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can b... Read more

    Affected Products : one_church_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-1079

    A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to to cross site scripting. It is possible to launch the attack remotely.... Read more

    Affected Products : one_church_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1078

    A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/view_article/. The manipulation of the argument id with the input ' and (select * from(s... Read more

    Affected Products : college_website_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-1077

    A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initi... Read more

    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-1076

    A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last N... Read more

    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-1075

    A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=save_contact of the component Contact Handler. The manipulation leads to persistent cross site ... Read more

    Affected Products : college_website_management_system
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-1074

    A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input <h1>HTML Injection</h1> in the WiFi settings of the dashboard leads to html injection.... Read more

    Affected Products : flex-1085_firmware flex-1085
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-1073

    A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely.... Read more

    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2022-1071

    User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.... Read more

    Affected Products : mruby
    • Published: Mar. 26, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-1069

    A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.... Read more

    • Published: Aug. 17, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-1068

    Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.... Read more

    Affected Products : modbus_slave
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-1067

    Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.... Read more

    Affected Products : patient_portal
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-1065

    A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second authentication factor. This issue affects: Abacus ERP v2022 versions prior to R1 of 2022-01-15; v2021 versions prior to R4 of 2022-01-15; v2020 v... Read more

    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294545 Results