Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2022-0271

    The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action, leading to a Reflected Cross-Site Scripting... Read more

    Affected Products : learnpress
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0270

    Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.... Read more

    Affected Products : bored-agent
    • Published: Jan. 25, 2022
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2022-0269

    Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0.... Read more

    • Published: Jan. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.7

    MEDIUM
    CVE-2022-0268

    Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28.... Read more

    Affected Products : grav
    • Published: Jan. 25, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-0267

    The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection... Read more

    Affected Products : adrotate adrotate
    • Published: Mar. 07, 2022
    • Modified: Nov. 21, 2024

  • 6.6

    MEDIUM
    CVE-2022-0266

    Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.... Read more

    Affected Products : live_helper_chat livehelperchat
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0265

    Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1.... Read more

    Affected Products : hazelcast
    • Published: Mar. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-0264

    A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak in... Read more

    Affected Products : linux_kernel
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0263

    Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.... Read more

    Affected Products : pimcore
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 6.6

    MEDIUM
    CVE-2022-0262

    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7.... Read more

    Affected Products : pimcore
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-0261

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.... Read more

    Affected Products : debian_linux vim macos mac_os_x
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0260

    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7.... Read more

    Affected Products : pimcore
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0258

    pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command... Read more

    Affected Products : pimcore
    • Published: Jan. 17, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0257

    pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : pimcore
    • Published: Jan. 17, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0256

    pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : pimcore
    • Published: Jan. 17, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-0255

    The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue... Read more

    Affected Products : database_backup
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-0254

    The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection... Read more

    Affected Products : zero-spam
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-0253

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : live_helper_chat livehelperchat
    • Published: Jan. 17, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0252

    The GiveWP WordPress plugin before 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting... Read more

    Affected Products : givewp
    • Published: Feb. 21, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2022-0251

    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10.... Read more

    Affected Products : pimcore
    • Published: Jan. 26, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294299 Results