Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2022-43282

    wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallIndirectExpr->GetReturnCallDropKeepCount.... Read more

    Affected Products : wabt
    • EPSS Score: %0.04
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 7.8

    HIGH
    CVE-2022-43281

    wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h.... Read more

    Affected Products : wasm
    • EPSS Score: %0.05
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43185

    A stored cross-site scripting (XSS) vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.... Read more

    Affected Products : rukovoditel
    • EPSS Score: %4.81
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-43184

    D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.... Read more

    Affected Products : dir-878_firmware dir-878
    • EPSS Score: %1.53
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43169

    A stored cross-site scripting (XSS) vulnerability in the Users Access Groups feature (/index.php?module=users_groups/users_groups) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected... Read more

    Affected Products : rukovoditel
    • EPSS Score: %6.37
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-43168

    Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the reports_id parameter.... Read more

    Affected Products : rukovoditel
    • EPSS Score: %0.32
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43167

    A stored cross-site scripting (XSS) vulnerability in the Users Alerts feature (/index.php?module=users_alerts/users_alerts) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into t... Read more

    Affected Products : rukovoditel
    • EPSS Score: %7.09
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43166

    A stored cross-site scripting (XSS) vulnerability in the Global Entities feature (/index.php?module=entities/entities) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Na... Read more

    Affected Products : rukovoditel
    • EPSS Score: %6.37
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43165

    A stored cross-site scripting (XSS) vulnerability in the Global Variables feature (/index.php?module=global_vars/vars) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Va... Read more

    Affected Products : rukovoditel
    • EPSS Score: %5.36
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.4

    MEDIUM
    CVE-2022-43164

    A stored cross-site scripting (XSS) vulnerability in the Global Lists feature (/index.php?module=global_lists/lists) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name... Read more

    Affected Products : rukovoditel
    • EPSS Score: %7.10
    • Published: Oct. 28, 2022
    • Modified: May. 08, 2025

  • 5.5

    MEDIUM
    CVE-2022-43039

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c.... Read more

    Affected Products : gpac
    • EPSS Score: %0.03
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43038

    Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.... Read more

    Affected Products : bento4
    • EPSS Score: %0.12
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43037

    An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp.... Read more

    Affected Products : bento4
    • EPSS Score: %0.09
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43035

    An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.... Read more

    Affected Products : bento4
    • EPSS Score: %0.12
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43034

    An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts.... Read more

    Affected Products : bento4
    • EPSS Score: %0.12
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43033

    An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.... Read more

    Affected Products : bento4
    • EPSS Score: %0.09
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 6.5

    MEDIUM
    CVE-2022-43032

    An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.... Read more

    Affected Products : bento4
    • EPSS Score: %0.12
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-43029

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-43028

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025

  • 9.8

    CRITICAL
    CVE-2022-43027

    Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg.... Read more

    Affected Products : tx3_firmware tx3
    • EPSS Score: %0.17
    • Published: Oct. 19, 2022
    • Modified: May. 08, 2025
Showing 20 of 291728 Results