Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2022-0521

    Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0520

    Use After Free in NPM radare2.js prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0519

    Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0518

    Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0516

    A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects ... Read more

    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2022-0515

    Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.... Read more

    Affected Products : crater
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0514

    Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5.... Read more

    Affected Products : crater
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0513

    The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in the ~/includes/class-wp-statistics-exclusion.php file which allows attackers without authenticat... Read more

    Affected Products : wp_statistics
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0512

    Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.... Read more

    Affected Products : url-parse
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0510

    Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.... Read more

    Affected Products : pimcore
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.6

    MEDIUM
    CVE-2022-0509

    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.... Read more

    Affected Products : pimcore
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0508

    Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832... Read more

    Affected Products : peertube
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0507

    Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenticated IP to inject SQL.... Read more

    Affected Products : pandora_fms
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2022-0506

    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0505

    Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0504

    Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0503

    The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard... Read more

    Affected Products : multisite_content_copier\/updater
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0502

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.... Read more

    Affected Products : live_helper_chat livehelperchat
    • Published: Feb. 06, 2022
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2022-0501

    Cross-site Scripting (XSS) - Reflected in Packagist ptrofimov/beanstalk_console prior to 1.7.12.... Read more

    Affected Products : beanstalk_console
    • Published: Feb. 05, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0500

    A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on t... Read more

    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294289 Results