Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-0726

    Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.... Read more

    Affected Products : peertube
    • Published: Feb. 23, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0725

    A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.... Read more

    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2022-0724

    Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 23, 2022
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2022-0723

    Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 26, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0722

    Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.... Read more

    Affected Products : parse-url
    • Published: Jun. 27, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0721

    Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0720

    The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number ... Read more

    Affected Products : amelia
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2022-0719

    Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 23, 2022
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2022-0718

    A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.... Read more

    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2022-0717

    Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.... Read more

    Affected Products : mruby
    • Published: Feb. 23, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2022-0715

    A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series I... Read more

    • Published: Mar. 09, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2022-0714

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.... Read more

    Affected Products : fedora debian_linux vim macos
    • Published: Feb. 22, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0713

    Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 22, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0712

    NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 22, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0711

    A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition... Read more

    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0710

    The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter.... Read more

    Affected Products : header_footer_code_manager
    • Published: Feb. 24, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0709

    The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data ... Read more

    Affected Products : booking_package
    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0708

    Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0705

    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.... Read more

    Affected Products : pimcore
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0704

    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.... Read more

    Affected Products : pimcore
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294330 Results