Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2022-28364

    Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET. Authentication is required.... Read more

    Affected Products : reprise_license_manager
    • EPSS Score: %0.37
    • Published: Apr. 09, 2022
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2022-28363

    Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.... Read more

    Affected Products : reprise_license_manager
    • EPSS Score: %17.39
    • Published: Apr. 09, 2022
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2022-30519

    XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.... Read more

    Affected Products : reprise_license_manager
    • EPSS Score: %0.36
    • Published: Dec. 29, 2022
    • Modified: Apr. 30, 2025

  • 7.5

    HIGH
    CVE-2023-44031

    Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save sensitive files in insecure locations via a crafted POST request.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 03, 2024
    • Modified: Apr. 30, 2025

  • 5.9

    MEDIUM
    CVE-2024-50602

    An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.... Read more

    Affected Products : python libexpat
    • Published: Oct. 27, 2024
    • Modified: Apr. 30, 2025

  • 5.9

    MEDIUM
    CVE-2023-4813

    A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswit... Read more

    • EPSS Score: %0.31
    • Published: Sep. 12, 2023
    • Modified: Apr. 30, 2025

  • 5.9

    MEDIUM
    CVE-2023-4806

    A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and ... Read more

    • EPSS Score: %1.11
    • Published: Sep. 18, 2023
    • Modified: Apr. 30, 2025

  • 7.5

    HIGH
    CVE-2022-41719

    Unmarshal can panic on some inputs, possibly allowing for denial of service attacks.... Read more

    Affected Products : messagepack
    • EPSS Score: %0.09
    • Published: Nov. 10, 2022
    • Modified: Apr. 30, 2025

  • 4.6

    MEDIUM
    CVE-2022-3903

    An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or pote... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.02
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 6.5

    MEDIUM
    CVE-2022-3632

    The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions.... Read more

    Affected Products : oauth_client
    • EPSS Score: %0.16
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 9.8

    CRITICAL
    CVE-2022-3477

    The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any use... Read more

    • EPSS Score: %0.91
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 6.1

    MEDIUM
    CVE-2022-3415

    The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact me... Read more

    Affected Products : chat_bubble
    • EPSS Score: %0.69
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 8.8

    HIGH
    CVE-2022-35613

    Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF).... Read more

    Affected Products : konker_platform
    • EPSS Score: %0.10
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 7.8

    HIGH
    CVE-2022-34325

    DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler u... Read more

    Affected Products : insydeh2o
    • EPSS Score: %0.05
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-33986

    DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the parameter buffer used by the software SMI handler used by the driver VariableRuntimeDxe could lead to a TOCTOU attack... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.04
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 7.0

    HIGH
    CVE-2022-33985

    DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the N... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.05
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 7.0

    HIGH
    CVE-2022-33984

    DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdM... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.05
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-31243

    Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at inp... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.04
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-30774

    DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the cont... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.04
    • Published: Nov. 15, 2022
    • Modified: Apr. 30, 2025

  • 6.4

    MEDIUM
    CVE-2022-30773

    DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack). DMA attacks on the parameter buffer used by the IhisiSmm driver could change the... Read more

    Affected Products : kernel kernel
    • EPSS Score: %0.04
    • Published: Nov. 14, 2022
    • Modified: Apr. 30, 2025
Showing 20 of 291021 Results