Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-42314

    Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.5

    MEDIUM
    CVE-2022-42313

    Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.5

    MEDIUM
    CVE-2022-42312

    Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.5

    MEDIUM
    CVE-2022-42311

    Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, ... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.04
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-40294

    The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. ... Read more

    Affected Products : php_point_of_sale
    • EPSS Score: %0.13
    • Published: Oct. 31, 2022
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2022-27586

    Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. Th... Read more

    • EPSS Score: %2.12
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2022-27584

    Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in ... Read more

    Affected Products : sim2000st_firmware sim2000st
    • EPSS Score: %1.88
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2022-27582

    Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase... Read more

    • EPSS Score: %1.79
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2022-26762

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.14
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26730

    A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.... Read more

    Affected Products : macos
    • EPSS Score: %0.64
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26719

    A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • EPSS Score: %0.13
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26717

    A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lea... Read more

    • EPSS Score: %0.44
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 8.8

    HIGH
    CVE-2022-26716

    A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execut... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • EPSS Score: %0.14
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 5.7

    MEDIUM
    CVE-2022-23738

    An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub E... Read more

    Affected Products : enterprise_server
    • EPSS Score: %0.09
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 6.5

    MEDIUM
    CVE-2022-22658

    An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.15
    • Published: Nov. 01, 2022
    • Modified: May. 06, 2025

  • 9.8

    CRITICAL
    CVE-2018-6333

    The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be c... Read more

    Affected Products : nuclide
    • EPSS Score: %1.12
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 7.5

    HIGH
    CVE-2018-4942

    Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.... Read more

    Affected Products : coldfusion
    • EPSS Score: %0.90
    • Published: May. 19, 2018
    • Modified: May. 06, 2025

  • 7.8

    HIGH
    CVE-2018-4938

    Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.... Read more

    Affected Products : coldfusion
    • EPSS Score: %0.20
    • Published: May. 19, 2018
    • Modified: May. 06, 2025

  • 8.3

    HIGH
    CVE-2018-2826

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more

    • EPSS Score: %3.00
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025

  • 8.3

    HIGH
    CVE-2018-2825

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... Read more

    • EPSS Score: %1.13
    • Published: Apr. 19, 2018
    • Modified: May. 06, 2025
Showing 20 of 291401 Results