Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 8.4

    HIGH
    CVE-2022-0943

    Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

    Affected Products : fedora debian_linux vim macos
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.4

    CRITICAL
    CVE-2022-0942

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024
  • 7.3

    HIGH
    CVE-2022-0941

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
  • 6.3

    MEDIUM
    CVE-2022-0940

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2022-0939

    Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.

    Affected Products : calibre-web calibre-web
    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2022-0938

    Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4.

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
  • 6.3

    MEDIUM
    CVE-2022-0937

    Stored XSS in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
  • 7.6

    HIGH
    CVE-2022-0936

    Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autolab prior to 2.8.0.

    Affected Products : autolab
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2022-0935

    Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.

    Affected Products : live_helper_chat
    • Published: Apr. 07, 2022
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2022-0932

    Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2.

    Affected Products : saleor
    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024
  • 8.0

    HIGH
    CVE-2022-0930

    File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.

    Affected Products : microweber cockpit
    • Published: Mar. 12, 2022
    • Modified: Nov. 21, 2024
  • 6.8

    MEDIUM
    CVE-2022-0929

    XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.

    Affected Products : microweber cockpit
    • Published: Mar. 12, 2022
    • Modified: Nov. 21, 2024
  • 6.8

    MEDIUM
    CVE-2022-0928

    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.

    Affected Products : microweber cockpit
    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2022-0926

    File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.

    Affected Products : microweber cockpit
    • Published: Mar. 12, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2022-0924

    Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2022-0923

    Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute syst...

    Affected Products : diaenergie
    • Published: Mar. 29, 2022
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2022-0922

    The software does not perform any authentication for critical system functionality.

    Affected Products : e-alert_firmware e-alert
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024
  • 7.2

    HIGH
    CVE-2022-0921

    Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.

    Affected Products : microweber cockpit
    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2022-0920

    The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data...

    Affected Products : salon_booking_system
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2022-0919

    The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other's booking, as well as retrieve sensitive information about the bookings, such...

    Affected Products : salon_booking_system
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024