Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-24332

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.... Read more

    Affected Products : a3300r_firmware a3300r
    • EPSS Score: %2.74
    • Published: Jan. 30, 2024
    • Modified: May. 30, 2025

  • 5.4

    MEDIUM
    CVE-2024-22569

    Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0.... Read more

    Affected Products : poscms
    • EPSS Score: %0.11
    • Published: Jan. 31, 2024
    • Modified: May. 30, 2025

  • 9.3

    HIGH
    CVE-2022-26770

    An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privil... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.27
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 9.3

    HIGH
    CVE-2022-26769

    A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileg... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.25
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 9.3

    HIGH
    CVE-2022-26768

    A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.40
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2022-26767

    The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.... Read more

    Affected Products : macos
    • EPSS Score: %0.13
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 5.5

    MEDIUM
    CVE-2022-26766

    A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass si... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • EPSS Score: %3.03
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 4.7

    MEDIUM
    CVE-2022-26765

    A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authenti... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.06
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 7.5

    HIGH
    CVE-2021-38604

    In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.... Read more

    • EPSS Score: %0.07
    • Published: Aug. 12, 2021
    • Modified: May. 30, 2025

  • 7.5

    HIGH
    CVE-2019-5094

    An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to tr... Read more

    • EPSS Score: %0.33
    • Published: Sep. 24, 2019
    • Modified: May. 30, 2025

  • 5.3

    MEDIUM
    CVE-2022-40482

    The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. This is caused by the early return inside the hasValidCredentials method in the Il... Read more

    Affected Products : framework
    • EPSS Score: %0.30
    • Published: Apr. 25, 2023
    • Modified: May. 30, 2025

  • 8.1

    HIGH
    CVE-2025-48416

    An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging i... Read more

    Affected Products :
    • Published: May. 21, 2025
    • Modified: May. 30, 2025
    • Vuln Type: Authentication

  • 4.3

    MEDIUM
    CVE-2024-7097

    An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors t... Read more

    Affected Products :
    • Published: May. 30, 2025
    • Modified: May. 30, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2024-57336

    Incorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers to obtain Administrator account access.... Read more

    Affected Products :
    • Published: May. 28, 2025
    • Modified: May. 30, 2025
    • Vuln Type: Authorization

  • 7.3

    HIGH
    CVE-2024-27199

    In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible... Read more

    Affected Products : teamcity
    • Published: Mar. 04, 2024
    • Modified: May. 30, 2025

  • 7.8

    HIGH
    CVE-2022-32810

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os watchos ipados
    • EPSS Score: %0.06
    • Published: Aug. 24, 2022
    • Modified: May. 30, 2025

  • 7.5

    HIGH
    CVE-2022-32793

    Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.... Read more

    Affected Products : fedora macos iphone_os tvos watchos ipados
    • EPSS Score: %0.24
    • Published: Aug. 24, 2022
    • Modified: May. 30, 2025

  • 9.8

    CRITICAL
    CVE-2022-26776

    This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.... Read more

    Affected Products : macos
    • EPSS Score: %1.64
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 9.8

    CRITICAL
    CVE-2022-26775

    An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %1.53
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 7.8

    HIGH
    CVE-2022-26774

    A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges.... Read more

    Affected Products : itunes
    • EPSS Score: %0.14
    • Published: May. 26, 2022
    • Modified: May. 30, 2025
Showing 20 of 292727 Results