Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-43022

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function.... Read more

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.5

    MEDIUM
    CVE-2022-43021

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.... Read more

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.5

    MEDIUM
    CVE-2022-43020

    OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.... Read more

    Affected Products : opencats
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-43019

    OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax functionality.... Read more

    Affected Products : opencats
    • EPSS Score: %7.97
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.1

    MEDIUM
    CVE-2022-43018

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function.... Read more

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.1

    MEDIUM
    CVE-2022-43017

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component.... Read more

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.1

    MEDIUM
    CVE-2022-43016

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component.... Read more

    Affected Products : opencats
    • EPSS Score: %9.94
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.1

    MEDIUM
    CVE-2022-43015

    OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter.... Read more

    Affected Products : opencats
    • EPSS Score: %5.64
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-40885

    Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service.... Read more

    Affected Products : bento4
    • EPSS Score: %0.03
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-40884

    Bento4 1.6.0 has memory leaks via the mp4fragment.... Read more

    Affected Products : bento4
    • EPSS Score: %0.07
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-3327

    Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.... Read more

    Affected Products : rdiffweb
    • EPSS Score: %0.11
    • Published: Oct. 20, 2022
    • Modified: May. 09, 2025

  • 5.4

    MEDIUM
    CVE-2022-38901

    A Cross-site scripting (XSS) vulnerability in the Document and Media module - file upload functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the description field of uploaded ... Read more

    Affected Products : liferay_portal dxp
    • EPSS Score: %0.28
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.8

    MEDIUM
    CVE-2022-35860

    Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.... Read more

    Affected Products : k63_firmware k63
    • EPSS Score: %0.04
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 7.5

    HIGH
    CVE-2022-33077

    An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint.... Read more

    Affected Products : nopcommerce
    • EPSS Score: %0.16
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 4.3

    MEDIUM
    CVE-2022-31684

    Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where... Read more

    Affected Products : reactor_netty
    • EPSS Score: %0.24
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 6.5

    MEDIUM
    CVE-2022-2805

    A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.... Read more

    Affected Products : virtualization ovirt-engine
    • EPSS Score: %0.08
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 7.5

    HIGH
    CVE-2022-25736

    Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,... Read more

    • EPSS Score: %0.16
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-25720

    Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon... Read more

    • EPSS Score: %0.25
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.1

    CRITICAL
    CVE-2022-25719

    Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon... Read more

    • EPSS Score: %0.11
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025

  • 9.8

    CRITICAL
    CVE-2022-25718

    Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,... Read more

    • EPSS Score: %0.22
    • Published: Oct. 19, 2022
    • Modified: May. 09, 2025
Showing 20 of 291775 Results