Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2022-0591

    The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users... Read more

    Affected Products : formcraft formcraft3
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2022-0590

    The BulletProof Security WordPress plugin before 5.8 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.... Read more

    Affected Products : bulletproof_security
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0589

    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.... Read more

    Affected Products : librenms
    • Published: Feb. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0588

    Missing Authorization in Packagist librenms/librenms prior to 22.2.0. ... Read more

    Affected Products : librenms
    • Published: Feb. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0587

    Improper Authorization in Packagist librenms/librenms prior to 22.2.0.... Read more

    Affected Products : librenms
    • Published: Feb. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0586

    Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora debian_linux wireshark
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0585

    Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora debian_linux wireshark
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0583

    Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora debian_linux wireshark
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0582

    Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora debian_linux wireshark
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0581

    Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora debian_linux wireshark
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0580

    Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. ... Read more

    Affected Products : librenms
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0579

    Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9. ... Read more

    Affected Products : snipe-it
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0578

    Code Injection in GitHub repository publify/publify prior to 9.2.8.... Read more

    Affected Products : publify
    • Published: May. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0577

    Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.... Read more

    Affected Products : debian_linux scrapy
    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0576

    Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.... Read more

    Affected Products : librenms
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0575

    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.... Read more

    Affected Products : librenms
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0574

    Improper Access Control in GitHub repository publify/publify prior to 9.2.8.... Read more

    Affected Products : publify
    • Published: May. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0573

    JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user ... Read more

    Affected Products : artifactory
    • Published: May. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2022-0572

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.... Read more

    Affected Products : fedora debian_linux vim macos
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2022-0571

    Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.... Read more

    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294326 Results