Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2022-41489

    WAYOS LQ_09 22.03.17V was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to send crafted requests to the server from the affected device. This vulnerability is exploitable due to a lack of authentication in the component ... Read more

    • EPSS Score: %0.06
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41485

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6_firmware ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41484

    Tenda AC1900 AP500(US)_V1_180320(Beta) was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ap500v1_firmware ap500
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41483

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41482

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41481

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41480

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41479

    The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability whi... Read more

    Affected Products : asp.net_web_forms_controls
    • EPSS Score: %0.13
    • Published: Oct. 18, 2022
    • Modified: May. 15, 2025

  • 5.4

    MEDIUM
    CVE-2022-38902

    A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the name field of newly created topic.... Read more

    Affected Products : liferay_portal dxp
    • EPSS Score: %0.10
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2022-37208

    JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.... Read more

    Affected Products : jfinal_cms
    • EPSS Score: %0.46
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 5.4

    MEDIUM
    CVE-2022-35612

    A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field.... Read more

    Affected Products : mqttroute
    • EPSS Score: %0.11
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 4.3

    MEDIUM
    CVE-2022-35611

    A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remove dashboards.... Read more

    Affected Products : mqttroute
    • EPSS Score: %0.07
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 6.5

    MEDIUM
    CVE-2022-35136

    Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.... Read more

    Affected Products : iot_platform
    • EPSS Score: %0.10
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2022-35135

    Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>.... Read more

    Affected Products : iot_platform
    • EPSS Score: %0.08
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 5.4

    MEDIUM
    CVE-2022-35134

    Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products : iot_platform
    • EPSS Score: %0.11
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2022-35081

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.04
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 5.5

    MEDIUM
    CVE-2022-35080

    SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.... Read more

    Affected Products : swftools
    • EPSS Score: %0.04
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 6.5

    MEDIUM
    CVE-2022-35050

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de.... Read more

    Affected Products : otfcc
    • EPSS Score: %0.22
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 6.5

    MEDIUM
    CVE-2022-35049

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b03b5.... Read more

    Affected Products : otfcc
    • EPSS Score: %0.22
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025

  • 6.5

    MEDIUM
    CVE-2022-35048

    OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c.... Read more

    Affected Products : otfcc
    • EPSS Score: %0.22
    • Published: Oct. 14, 2022
    • Modified: May. 15, 2025
Showing 20 of 291712 Results