Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-40867

    Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/... Read more

    Affected Products : w20e_firmware w20e
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-40866

    Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/... Read more

    Affected Products : w20e_firmware w20e
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.2

    HIGH
    CVE-2022-40861

    Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/... Read more

    Affected Products : ac18_firmware ac18
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-40855

    Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMapping... Read more

    Affected Products : w20e_firmware w20e
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-40854

    Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set... Read more

    Affected Products : ac18_firmware ac18
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2022-40851

    Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.... Read more

    Affected Products : ac15_firmware ac15
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 4.3

    MEDIUM
    CVE-2022-35246

    A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access.... Read more

    Affected Products : rocket.chat
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-35092

    SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.... Read more

    Affected Products : swftools
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-35091

    SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()... Read more

    Affected Products : swftools
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.1

    HIGH
    CVE-2022-34348

    IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Forc... Read more

    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.1

    HIGH
    CVE-2022-32852

    An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.... Read more

    Affected Products : macos
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-32817

    An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 6.5

    MEDIUM
    CVE-2022-32816

    The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.8

    HIGH
    CVE-2022-32815

    The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execut... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.1

    HIGH
    CVE-2022-32797

    This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of p... Read more

    Affected Products : macos mac_os_x
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.8

    HIGH
    CVE-2022-32796

    A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 8.8

    HIGH
    CVE-2022-32792

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code exe... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2022-32790

    This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2022-32789

    A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 8.8

    HIGH
    CVE-2022-32787

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025
Showing 20 of 292763 Results