Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2022-21727

    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other posit... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.33
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-21726

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or a... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.30
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21725

    Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add ... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.22
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-21724

    pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pg... Read more

    • EPSS Score: %3.89
    • Published: Feb. 02, 2022
    • Modified: May. 05, 2025

  • 4.9

    MEDIUM
    CVE-2022-21720

    GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the `... Read more

    Affected Products : glpi
    • EPSS Score: %0.41
    • Published: Jan. 28, 2022
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2022-21719

    GLPI is a free asset and IT management software package. All GLPI versions prior to 9.5.7 are vulnerable to reflected cross-site scripting. Version 9.5.7 contains a patch for this issue. There are no known workarounds.... Read more

    Affected Products : glpi
    • EPSS Score: %0.31
    • Published: Jan. 28, 2022
    • Modified: May. 05, 2025

  • 6.8

    MEDIUM
    CVE-2022-21687

    gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost c... Read more

    Affected Products : gh-ost
    • EPSS Score: %0.33
    • Published: Feb. 01, 2022
    • Modified: May. 05, 2025

  • 5.3

    MEDIUM
    CVE-2022-21659

    Flask-AppBuilder is an application development framework, built on top of the Flask web framework. In affected versions there exists a user enumeration vulnerability. This vulnerability allows for a non authenticated user to enumerate existing accounts by... Read more

    Affected Products : flask-appbuilder flask-appbuilder
    • EPSS Score: %0.26
    • Published: Jan. 31, 2022
    • Modified: May. 05, 2025

  • 4.4

    MEDIUM
    CVE-2022-21240

    Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.15
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 6.7

    MEDIUM
    CVE-2022-21237

    Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    • EPSS Score: %0.05
    • Published: May. 12, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-21233

    Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.11
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21229

    Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • EPSS Score: %0.10
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-21226

    Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : trace_analyzer_and_collector
    • EPSS Score: %0.06
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 8.0

    HIGH
    CVE-2022-21225

    Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products : data_center_manager
    • EPSS Score: %0.21
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21220

    Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : quartus_prime
    • EPSS Score: %0.05
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-21218

    Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : trace_analyzer_and_collector
    • EPSS Score: %0.06
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21212

    Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.... Read more

    • EPSS Score: %0.48
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2022-21205

    Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.... Read more

    Affected Products : quartus_prime
    • EPSS Score: %0.40
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21204

    Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : quartus_prime
    • EPSS Score: %0.04
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21203

    Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : quartus_prime
    • EPSS Score: %0.04
    • Published: Feb. 09, 2022
    • Modified: May. 05, 2025
Showing 20 of 291219 Results