Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2022-22936

    An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File ser... Read more

    Affected Products : salt
    • EPSS Score: %0.07
    • Published: Mar. 29, 2022
    • Modified: May. 05, 2025

  • 4.3

    MEDIUM
    CVE-2022-22935

    An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.... Read more

    Affected Products : salt
    • EPSS Score: %0.07
    • Published: Mar. 29, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-22827

    storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %0.28
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-22826

    nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %0.21
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-22825

    lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %0.21
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-22824

    defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %0.43
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-22823

    build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %0.43
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-22822

    addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.... Read more

    • EPSS Score: %1.33
    • Published: Jan. 10, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-22730

    Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.... Read more

    Affected Products : edge_insights_for_industrial
    • EPSS Score: %0.40
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.3

    HIGH
    CVE-2022-22139

    Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : extreme_tuning_utility
    • EPSS Score: %0.21
    • Published: May. 12, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21812

    Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 7.8

    HIGH
    CVE-2022-21807

    Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : vtune_profiler
    • EPSS Score: %0.07
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2022-21793

    Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to ... Read more

    • EPSS Score: %0.05
    • Published: Aug. 18, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21741

    Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and ar... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.23
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2022-21740

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.41
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21739

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.22
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21738

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorF... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.22
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21737

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passing in arguments which would trigger a `CHECK`-fail. There are several conditions that the input... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.22
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 7.6

    HIGH
    CVE-2022-21736

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseTensorSliceDataset` has an undefined behavior: under certain condition it can be made to dereference a `nullptr` value. The 3 input arguments to `SparseTensorSliceDatase... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.25
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2022-21735

    Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFl... Read more

    Affected Products : tensorflow
    • EPSS Score: %0.22
    • Published: Feb. 03, 2022
    • Modified: May. 05, 2025
Showing 20 of 291641 Results