Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (listed in the CISA KEV catalog), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2022-31468

    OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter.

    Affected Products : ox_app_suite
    • EPSS Score: %0.15
    • Published: Oct. 25, 2022
    • Modified: May. 09, 2025
  • 6.5

    MEDIUM
    CVE-2022-28170

    Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file.

    Affected Products : fabric_operating_system
    • EPSS Score: %0.06
    • Published: Oct. 25, 2022
    • Modified: May. 09, 2025
  • 8.8

    HIGH
    CVE-2022-28169

    Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By e...

    Affected Products : fabric_operating_system
    • EPSS Score: %0.16
    • Published: Oct. 25, 2022
    • Modified: May. 09, 2025
  • 6.1

    MEDIUM
    CVE-2024-0239

    The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators.

    Affected Products : contact_form_7_connector
    • EPSS Score: %0.26
    • Published: Jan. 16, 2024
    • Modified: May. 09, 2025
  • 4.8

    MEDIUM
    CVE-2022-23179

    The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.0 does not escape some of its form fields before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilte...

    • EPSS Score: %0.15
    • Published: Jan. 16, 2024
    • Modified: May. 09, 2025
  • 7.5

    HIGH
    CVE-2013-4253

    The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.

    Affected Products : openshift
    • EPSS Score: %0.06
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 5.4

    MEDIUM
    CVE-2024-0881

    The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX act...

    Affected Products : post_grid
    • Published: Apr. 11, 2024
    • Modified: May. 09, 2025
  • 3.8

    LOW
    CVE-2024-3628

    The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

    Affected Products : easyevent
    • Published: May. 07, 2024
    • Modified: May. 09, 2025
  • 6.5

    MEDIUM
    CVE-2022-43023

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.5

    MEDIUM
    CVE-2022-43022

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function.

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.5

    MEDIUM
    CVE-2022-43021

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.5

    MEDIUM
    CVE-2022-43020

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 9.8

    CRITICAL
    CVE-2022-43019

    OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax functionality.

    Affected Products : opencats
    • EPSS Score: %7.97
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.1

    MEDIUM
    CVE-2022-43018

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function.

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.1

    MEDIUM
    CVE-2022-43017

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component.

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.1

    MEDIUM
    CVE-2022-43016

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component.

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 6.1

    MEDIUM
    CVE-2022-43015

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter.

    Affected Products : opencats
    • EPSS Score: %5.64
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 5.5

    MEDIUM
    CVE-2022-40885

    Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service.

    Affected Products : bento4
    • EPSS Score: %0.03
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 5.5

    MEDIUM
    CVE-2022-40884

    Bento4 1.6.0 has memory leaks via the mp4fragment.

    Affected Products : bento4
    • EPSS Score: %0.07
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
  • 9.8

    CRITICAL
    CVE-2022-3327

    Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

    Affected Products : rdiffweb
    • EPSS Score: %0.11
    • Published: Oct. 20, 2022
    • Modified: May. 09, 2025