Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2022-0527

    Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0.... Read more

    Affected Products : chatwoot
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2022-0526

    Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0.... Read more

    Affected Products : chatwoot
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2022-0525

    Out-of-bounds Read in Homebrew mruby prior to 3.2.... Read more

    Affected Products : mruby
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-0524

    Business Logic Errors in GitHub repository publify/publify prior to 9.2.7.... Read more

    Affected Products : publify
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0523

    Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0522

    Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0521

    Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0520

    Use After Free in NPM radare2.js prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0519

    Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0518

    Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.... Read more

    Affected Products : fedora radare2
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0516

    A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects ... Read more

    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2022-0515

    Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.... Read more

    Affected Products : crater
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0514

    Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5.... Read more

    Affected Products : crater
    • Published: Mar. 21, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0513

    The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in the ~/includes/class-wp-statistics-exclusion.php file which allows attackers without authenticat... Read more

    Affected Products : wp_statistics
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0512

    Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.... Read more

    Affected Products : url-parse
    • Published: Feb. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0510

    Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.... Read more

    Affected Products : pimcore
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.6

    MEDIUM
    CVE-2022-0509

    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.... Read more

    Affected Products : pimcore
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0508

    Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832... Read more

    Affected Products : peertube
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0507

    Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenticated IP to inject SQL.... Read more

    Affected Products : pandora_fms
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2022-0506

    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Feb. 08, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294330 Results