Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.4

    LOW
    CVE-2022-32867

    This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs.... Read more

    Affected Products : macos iphone_os
    • EPSS Score: %0.10
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2022-32866

    The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos tvos watchos
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2022-32865

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos iphone_os
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32862

    This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information.... Read more

    Affected Products : macos
    • EPSS Score: %1.05
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2022-32859

    A logic issue was addressed with improved state management. This issue is fixed in iOS 16. Deleted contacts may still appear in spotlight search results.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.20
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32858

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. An app may be able to leak sensitive kernel state.... Read more

    Affected Products : macos iphone_os watchos
    • EPSS Score: %0.06
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 3.3

    LOW
    CVE-2022-32835

    This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.07
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32827

    A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service.... Read more

    Affected Products : macos iphone_os
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2022-32794

    A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to gain elevated privileges.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.10
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26710

    A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.18
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26709

    A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code executio... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • EPSS Score: %0.15
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 4.3

    MEDIUM
    CVE-2022-22677

    A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.11
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2018-19904

    Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field.... Read more

    Affected Products : xsltcms.org
    • EPSS Score: %0.24
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 7.3

    HIGH
    CVE-2025-28025

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter.... Read more

    • Published: Apr. 23, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption

  • 7.3

    HIGH
    CVE-2025-28028

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.... Read more

    • Published: Apr. 23, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption

  • 6.1

    MEDIUM
    CVE-2024-10679

    The Quiz and Survey Master (QSM) WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability... Read more

    Affected Products : quiz_and_survey_master
    • Published: Mar. 25, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 3.5

    LOW
    CVE-2025-1452

    The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ... Read more

    Affected Products : favorites
    • Published: Mar. 25, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.4

    MEDIUM
    CVE-2023-2304

    The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'user_favorites' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i... Read more

    Affected Products : favorites favorites
    • EPSS Score: %0.90
    • Published: May. 31, 2023
    • Modified: May. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-12682

    The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is dis... Read more

    Affected Products : smart_maintenance_mode
    • Published: Mar. 25, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.8

    HIGH
    CVE-2024-23151

    A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code i... Read more

    • Published: Jun. 25, 2024
    • Modified: May. 06, 2025
Showing 20 of 291389 Results