Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2022-2223

    The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewic_duplicate_slider. This make it possible for unauthent... Read more

    Affected Products : image_slider
    • EPSS Score: %0.21
    • Published: Jul. 18, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-2108

    The plugin Wbcom Designs – BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in several functions related to said actions in versions up... Read more

    Affected Products : buddypress_group_reviews
    • EPSS Score: %0.69
    • Published: Jul. 18, 2022
    • Modified: May. 05, 2025

  • 10.0

    HIGH
    CVE-2022-2068

    In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292... Read more

    • EPSS Score: %51.85
    • Published: Jun. 21, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-2001

    The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function found in the ~/dx-share-selection.php file. This makes ... Read more

    Affected Products : dx_share_selection
    • EPSS Score: %0.32
    • Published: Jul. 18, 2022
    • Modified: May. 05, 2025

  • 5.9

    MEDIUM
    CVE-2022-29593

    relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.... Read more

    Affected Products : dt-r004_firmware dt-r004
    • EPSS Score: %6.39
    • Published: Jul. 14, 2022
    • Modified: May. 05, 2025

  • 4.4

    MEDIUM
    CVE-2022-28709

    Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access.... Read more

    • EPSS Score: %0.05
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 6.8

    MEDIUM
    CVE-2022-28697

    Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access.... Read more

    • EPSS Score: %0.31
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-28696

    Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : distribution_for_python
    • EPSS Score: %0.07
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-28388

    usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.... Read more

    • EPSS Score: %0.01
    • Published: Apr. 03, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-28356

    In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.02
    • Published: Apr. 02, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-27500

    Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : support
    • EPSS Score: %0.04
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-26373

    Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.... Read more

    • EPSS Score: %0.28
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 4.4

    MEDIUM
    CVE-2022-26074

    Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products : server_platform_services_firmware
    • EPSS Score: %0.14
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 8.0

    HIGH
    CVE-2022-26017

    Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more

    Affected Products : driver_\&_support_assistant
    • EPSS Score: %0.35
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-25999

    Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • EPSS Score: %0.07
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-25966

    Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : edge_insights_for_industrial
    • EPSS Score: %0.06
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-25841

    Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : datacenter_group_event
    • EPSS Score: %0.07
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-25315

    In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.... Read more

    • EPSS Score: %7.70
    • Published: Feb. 18, 2022
    • Modified: May. 05, 2025

  • 7.5

    HIGH
    CVE-2022-25314

    In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.... Read more

    • EPSS Score: %0.36
    • Published: Feb. 18, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-25236

    xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.... Read more

    • EPSS Score: %9.36
    • Published: Feb. 16, 2022
    • Modified: May. 05, 2025
Showing 20 of 291265 Results