Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.9

    MEDIUM
    CVE-2022-35774

    Azure Site Recovery Elevation of Privilege Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-35773

    Azure RTOS GUIX Studio Remote Code Execution Vulnerability... Read more

    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2022-32839

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app terminati... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32812

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32811

    A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.5

    HIGH
    CVE-2022-23948

    A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.... Read more

    Affected Products : keylime
    • Published: Sep. 21, 2022
    • Modified: May. 29, 2025

  • 2.5

    LOW
    CVE-2024-21004

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more

    • Published: Apr. 16, 2024
    • Modified: May. 29, 2025

  • 4.4

    MEDIUM
    CVE-2025-5278

    A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious ... Read more

    Affected Products :
    • Published: May. 27, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Memory Corruption

  • 7.1

    HIGH
    CVE-2025-39407

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caseproof, LLC Memberpress allows Reflected XSS.This issue affects Memberpress: from n/a before 1.12.0.... Read more

    Affected Products : memberpress
    • Published: May. 19, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.2

    MEDIUM
    CVE-2024-2905

    A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potent... Read more

    • Published: Apr. 25, 2024
    • Modified: May. 29, 2025

  • 4.3

    MEDIUM
    CVE-2022-32857

    This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privilege... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32840

    This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-32838

    A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files.... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32837

    This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.... Read more

    Affected Products : macos mac_os_x iphone_os tvos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2022-32834

    An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2022-32813

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execut... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Aug. 24, 2022
    • Modified: May. 29, 2025

  • 5.4

    MEDIUM
    CVE-2024-4483

    The Email Encoder WordPress plugin before 2.2.2 does not escape the WP_Email_Encoder_Bundle_options[protection_text] parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting... Read more

    Affected Products : email_encoder email_encoder
    • Published: Jul. 29, 2024
    • Modified: May. 29, 2025

  • 4.6

    MEDIUM
    CVE-2024-6362

    The Ultimate Blocks WordPress plugin before 3.2.0 does not validate and escape some of its post-grid block attributes before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perf... Read more

    Affected Products : ultimate_blocks
    • Published: Jul. 29, 2024
    • Modified: May. 29, 2025

  • 6.1

    MEDIUM
    CVE-2024-6223

    The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as ... Read more

    • Published: Jul. 30, 2024
    • Modified: May. 29, 2025

  • 5.9

    MEDIUM
    CVE-2024-6224

    The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF atta... Read more

    • Published: Jul. 30, 2024
    • Modified: May. 29, 2025
Showing 20 of 292795 Results