Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2022-0956

    Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0955

    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4.... Read more

    Affected Products : pimcore data-hub
    • Published: Mar. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2022-0954

    Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.... Read more

    Affected Products : microweber cockpit
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0953

    The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode charac... Read more

    • Published: Apr. 25, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0952

    The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers cou... Read more

    Affected Products : sitemap
    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2022-0951

    File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0950

    Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0949

    The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX ... Read more

    Affected Products : block_and_stop_bad_bots stopbadbots
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0948

    The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection... Read more

    Affected Products : order_listener_for_woocommerce
    • Published: May. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0947

    A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration.... Read more

    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2022-0946

    Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2022-0945

    Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2022-0944

    Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1.... Read more

    Affected Products : sqlpad
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2022-0943

    Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.... Read more

    Affected Products : fedora debian_linux vim macos
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2022-0942

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2022-0941

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2022-0940

    Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2022-0939

    Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.... Read more

    Affected Products : calibre-web calibre-web
    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0938

    Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2022-0937

    Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.... Read more

    Affected Products : showdoc
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294798 Results