Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-29040

    An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c... Read more

    • Published: Apr. 17, 2025
    • Modified: May. 01, 2025

  • 8.8

    HIGH
    CVE-2023-5476

    Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.58
    • Published: Oct. 11, 2023
    • Modified: May. 01, 2025

  • 8.8

    HIGH
    CVE-2023-5474

    Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)... Read more

    Affected Products : debian_linux chrome edge_chromium
    • EPSS Score: %0.66
    • Published: Oct. 11, 2023
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2023-5176

    Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnera... Read more

    • EPSS Score: %0.59
    • Published: Sep. 27, 2023
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2023-5172

    A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.... Read more

    Affected Products : firefox
    • EPSS Score: %0.29
    • Published: Sep. 27, 2023
    • Modified: May. 01, 2025

  • 7.5

    HIGH
    CVE-2023-43261

    An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.... Read more

    • EPSS Score: %93.06
    • Published: Oct. 04, 2023
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-44797

    btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.... Read more

    Affected Products : btcd lightning_network_daemon
    • EPSS Score: %0.19
    • Published: Nov. 07, 2022
    • Modified: May. 01, 2025

  • 7.5

    HIGH
    CVE-2022-44556

    Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability. ... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.07
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 7.5

    HIGH
    CVE-2022-44546

    The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.... Read more

    Affected Products : emui harmonyos
    • EPSS Score: %0.08
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-44457

    A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.0 < V1.17.2), Mendix SAML (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML (Mendix 8 comp... Read more

    Affected Products : saml
    • EPSS Score: %0.29
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44321

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44320

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44316

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44315

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44314

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-44313

    PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall.... Read more

    Affected Products : picoc
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.6

    MEDIUM
    CVE-2022-44244

    An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.... Read more

    Affected Products : lin-cms
    • EPSS Score: %0.02
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-44054

    The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-utility package. The affected version of d8s-htm is 0.1... Read more

    Affected Products : d8s-xml
    • EPSS Score: %0.31
    • Published: Nov. 07, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-31686

    VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application... Read more

    Affected Products : workspace_one_assist
    • EPSS Score: %0.54
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-31685

    VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.... Read more

    Affected Products : workspace_one_assist
    • EPSS Score: %0.06
    • Published: Nov. 09, 2022
    • Modified: May. 01, 2025
Showing 20 of 291138 Results