Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, it appears on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 8.8

    HIGH
    CVE-2022-42234

    There is a file inclusion vulnerability in the template management module in UCMS 1.6...

    Affected Products : ucms
    • EPSS Score: %0.09
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 6.1

    MEDIUM
    CVE-2022-42071

    Online Birth Certificate Management System version 1.0 suffers from a Cross Site Scripting (XSS) Vulnerability....

    • EPSS Score: %0.10
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 3.4

    LOW
    CVE-2022-41601

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of this vulnerability may affect the fingerprint service....

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 3.4

    LOW
    CVE-2022-41600

    The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of this vulnerability may affect the fingerprint service....

    Affected Products : emui harmonyos
    • EPSS Score: %0.01
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.8

    HIGH
    CVE-2022-41585

    The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting....

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.8

    HIGH
    CVE-2022-41584

    The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting....

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.5

    HIGH
    CVE-2022-41583

    The storage maintenance and debugging module has an array out-of-bounds read vulnerability. Successful exploitation of this vulnerability will cause incorrect statistics of this module....

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.5

    HIGH
    CVE-2022-41582

    The security module has configuration defects. Successful exploitation of this vulnerability may affect system availability....

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 9.1

    CRITICAL
    CVE-2022-41581

    The HW_KEYMASTER module has a vulnerability of not verifying the data read. Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access....

    Affected Products : emui harmonyos
    • EPSS Score: %0.13
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.1

    HIGH
    CVE-2022-41577

    The kernel server has a vulnerability of not verifying the length of the data transferred in the user space. Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability...

    Affected Products : emui harmonyos
    • EPSS Score: %0.03
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.8

    HIGH
    CVE-2022-41576

    The rphone module has a script that can be maliciously modified. Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices....

    Affected Products : emui harmonyos
    • EPSS Score: %0.06
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 8.8

    HIGH
    CVE-2022-41539

    Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file....

    Affected Products : wedding_planner
    • EPSS Score: %0.15
    • Published: Oct. 14, 2022
    • Modified: May. 14, 2025
  • 7.5

    HIGH
    CVE-2022-41323

    In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression....

    Affected Products : django
    • EPSS Score: %6.17
    • Published: Oct. 16, 2022
    • Modified: May. 14, 2025
  • 8.4

    HIGH
    CVE-2022-33214

    Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

    • EPSS Score: %0.06
    • Published: Oct. 19, 2022
    • Modified: May. 14, 2025
  • 8.4

    HIGH
    CVE-2022-33210

    Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value in Snapdragon Auto...

    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 14, 2025
  • 9.9

    CRITICAL
    CVE-2022-2992

    A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint....

    Affected Products : gitlab
    • EPSS Score: %93.59
    • Published: Oct. 17, 2022
    • Modified: May. 14, 2025
  • 9.9

    CRITICAL
    CVE-2022-2884

    A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

    Affected Products : gitlab
    • EPSS Score: %80.03
    • Published: Oct. 17, 2022
    • Modified: May. 14, 2025
  • 9.8

    CRITICAL
    CVE-2017-20149

    The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vu...

    Affected Products : routeros
    • EPSS Score: %1.39
    • Published: Oct. 15, 2022
    • Modified: May. 14, 2025
  • 6.1

    MEDIUM
    CVE-2024-10858

    The Jetpack WordPress plugin before 14.1 does not properly check the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com....

    Affected Products : jetpack
    • Published: Dec. 25, 2024
    • Modified: May. 14, 2025
  • 4.7

    MEDIUM
    CVE-2024-10903

    The Broken Link Checker WordPress plugin before 2.4.2 does not validate the link URLs before making a request to them, which could allow admin users to perform an SSRF attack, for example on a multisite installation....

    Affected Products : broken_link_checker
    • Published: Dec. 26, 2024
    • Modified: May. 14, 2025
Showing 20 of 291812 Results