Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2022-32932

    The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : iphone_os watchos ipados
    • EPSS Score: %0.22
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32929

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.12
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.3

    MEDIUM
    CVE-2022-32928

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials.... Read more

    Affected Products : macos iphone_os watchos
    • EPSS Score: %0.15
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2022-32910

    A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.17
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32909

    The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2022-32887

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.10
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-32881

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos iphone_os tvos watchos
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 2.4

    LOW
    CVE-2022-32879

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.08
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.1

    HIGH
    CVE-2018-6340

    The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).... Read more

    Affected Products : hhvm
    • EPSS Score: %0.43
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2018-6336

    An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed ... Read more

    Affected Products : osquery
    • EPSS Score: %0.09
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2018-6335

    A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server t... Read more

    Affected Products : hhvm
    • EPSS Score: %0.60
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 5.9

    MEDIUM
    CVE-2018-6332

    A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server... Read more

    Affected Products : hhvm
    • EPSS Score: %0.39
    • Published: Dec. 03, 2018
    • Modified: May. 06, 2025

  • 5.4

    MEDIUM
    CVE-2018-19918

    CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.... Read more

    Affected Products : cuppacms
    • EPSS Score: %0.19
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 5.4

    MEDIUM
    CVE-2018-19906

    Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter.... Read more

    Affected Products : razorcms
    • EPSS Score: %0.19
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 5.4

    MEDIUM
    CVE-2018-19905

    HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.... Read more

    Affected Products : razorcms
    • EPSS Score: %0.21
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 8.1

    HIGH
    CVE-2018-18601

    The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.... Read more

    Affected Products : gz621w_firmware gz621w
    • EPSS Score: %0.46
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 9.3

    HIGH
    CVE-2018-18600

    The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.... Read more

    • EPSS Score: %1.67
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2024-23534

    An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. ... Read more

    Affected Products : avalanche
    • Published: Apr. 19, 2024
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2024-23530

    An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. ... Read more

    Affected Products : avalanche
    • Published: Apr. 19, 2024
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2024-23529

    An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. ... Read more

    Affected Products : avalanche
    • Published: Apr. 19, 2024
    • Modified: May. 06, 2025
Showing 20 of 291384 Results