Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2022-42170

    Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.... Read more

    Affected Products : ac10_firmware ac10
    • EPSS Score: %0.17
    • Published: Oct. 17, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-42169

    Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.... Read more

    Affected Products : ac10_firmware ac10
    • EPSS Score: %0.17
    • Published: Oct. 17, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-42168

    Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.... Read more

    Affected Products : ac10_firmware ac10
    • EPSS Score: %0.17
    • Published: Oct. 17, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-42167

    Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetFirewallCfg.... Read more

    Affected Products : ac10_firmware ac10
    • EPSS Score: %0.17
    • Published: Oct. 17, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-42164

    Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.... Read more

    Affected Products : ac10_firmware ac10
    • EPSS Score: %0.17
    • Published: Oct. 17, 2022
    • Modified: May. 15, 2025

  • 6.5

    MEDIUM
    CVE-2022-42086

    Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.... Read more

    Affected Products : ax1803_firmware ax1803
    • EPSS Score: %0.07
    • Published: Oct. 12, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-42081

    Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter.... Read more

    Affected Products : ac1206_firmware ac1206
    • EPSS Score: %0.12
    • Published: Oct. 12, 2022
    • Modified: May. 15, 2025

  • 8.8

    HIGH
    CVE-2022-41500

    EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.... Read more

    Affected Products : eyoucms
    • EPSS Score: %0.10
    • Published: Oct. 18, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-41497

    ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url parameter at /manager/index.php.... Read more

    Affected Products : clippercms
    • EPSS Score: %0.10
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-41496

    iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.... Read more

    Affected Products : icms
    • EPSS Score: %0.11
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 9.8

    CRITICAL
    CVE-2022-41495

    ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the rss_url_news parameter at /manager/index.php.... Read more

    Affected Products : clippercms
    • EPSS Score: %0.12
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 8.1

    HIGH
    CVE-2022-41489

    WAYOS LQ_09 22.03.17V was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to send crafted requests to the server from the affected device. This vulnerability is exploitable due to a lack of authentication in the component ... Read more

    • EPSS Score: %0.06
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41485

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6_firmware ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41484

    Tenda AC1900 AP500(US)_V1_180320(Beta) was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ap500v1_firmware ap500
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41483

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41482

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41481

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41480

    Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.... Read more

    Affected Products : ac6v2.0_firmware ac6
    • EPSS Score: %0.36
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025

  • 7.5

    HIGH
    CVE-2022-41479

    The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability whi... Read more

    Affected Products : asp.net_web_forms_controls
    • EPSS Score: %0.13
    • Published: Oct. 18, 2022
    • Modified: May. 15, 2025

  • 5.4

    MEDIUM
    CVE-2022-38902

    A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the name field of newly created topic.... Read more

    Affected Products : liferay_portal dxp
    • EPSS Score: %0.10
    • Published: Oct. 13, 2022
    • Modified: May. 15, 2025
Showing 20 of 291751 Results