Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2022-43144

    A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.... Read more

    Affected Products : canteen_management_system
    • EPSS Score: %0.94
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 8.8

    HIGH
    CVE-2022-41757

    An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 bef... Read more

    Affected Products : valhall_gpu_kernel_driver
    • EPSS Score: %0.25
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.1

    MEDIUM
    CVE-2022-41434

    EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.... Read more

    Affected Products : web_interface
    • EPSS Score: %0.11
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 4.8

    MEDIUM
    CVE-2022-41433

    EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.... Read more

    Affected Products : web_interface
    • EPSS Score: %0.09
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 4.8

    MEDIUM
    CVE-2022-41432

    EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.... Read more

    Affected Products : web_interface
    • EPSS Score: %0.09
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-37109

    patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the... Read more

    Affected Products : camp
    • EPSS Score: %1.31
    • Published: Nov. 14, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-37015

    Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access ... Read more

    Affected Products : endpoint_detection_and_response
    • EPSS Score: %0.41
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-34825

    Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a r... Read more

    • EPSS Score: %3.40
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-34824

    Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earl... Read more

    • EPSS Score: %3.81
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 9.8

    CRITICAL
    CVE-2022-33321

    Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Condit... Read more

    • EPSS Score: %0.58
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.8

    MEDIUM
    CVE-2022-32618

    In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User... Read more

    Affected Products : android mt6833 mt6873 mt6893 mt8798
    • EPSS Score: %0.05
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.8

    MEDIUM
    CVE-2022-32617

    In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User... Read more

    Affected Products : android mt6789 mt6855 mt6895 mt6983 mt8798
    • EPSS Score: %0.05
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.7

    MEDIUM
    CVE-2022-32616

    In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS073... Read more

    Affected Products : android mt6983 mt8871 mt8891
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.7

    MEDIUM
    CVE-2022-32615

    In ccd, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326559; Issue ID: ALPS073... Read more

    Affected Products : android mt6983 mt8871 mt8891
    • EPSS Score: %0.03
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.7

    MEDIUM
    CVE-2022-32614

    In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310571; Issue ID: ALPS07310571... Read more

    • EPSS Score: %0.02
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.4

    MEDIUM
    CVE-2022-32613

    In vcu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07206340; Issue ID: ALPS0720634... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • EPSS Score: %0.02
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 6.4

    MEDIUM
    CVE-2022-32612

    In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203500; Issue ID: ALPS07203500.... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • EPSS Score: %0.02
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.5

    MEDIUM
    CVE-2022-32602

    In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; I... Read more

    Affected Products : android mt6833 mt6883 mt8675 mt8791 mt8791t mt8797 mt6983 mt8321 mt8765 +7 more products
    • EPSS Score: %0.02
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 7.8

    HIGH
    CVE-2022-32601

    In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +31 more products
    • EPSS Score: %0.00
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025

  • 5.3

    MEDIUM
    CVE-2022-30515

    ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.... Read more

    Affected Products : biotime
    • EPSS Score: %0.25
    • Published: Nov. 08, 2022
    • Modified: May. 01, 2025
Showing 20 of 291162 Results