Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 4.3

    MEDIUM
    CVE-2022-45210

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.

    Affected Products : jeecg_boot
    • EPSS Score: %0.06
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 4.3

    MEDIUM
    CVE-2022-45208

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.

    Affected Products : jeecg_boot
    • EPSS Score: %0.06
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-45207

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.

    Affected Products : jeecg_boot
    • EPSS Score: %0.39
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-45206

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.

    Affected Products : jeecg_boot
    • EPSS Score: %0.08
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 5.3

    MEDIUM
    CVE-2022-45205

    Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.

    Affected Products : jeecg_boot
    • EPSS Score: %0.22
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 8.8

    HIGH
    CVE-2022-45193

    CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.

    Affected Products : cbrn-analysis
    • EPSS Score: %0.03
    • Published: Nov. 12, 2022
    • Modified: Apr. 29, 2025
  • 9.1

    CRITICAL
    CVE-2022-45152

    A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a bl...

    • EPSS Score: %0.38
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44860

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: %0.07
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44859

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: %0.07
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44858

    Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php.

    Affected Products : automotive_shop_management_system
    • EPSS Score: %0.07
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44844

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.

    Affected Products : a7100ru_firmware a7100ru
    • EPSS Score: %1.39
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44843

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.

    Affected Products : a7100ru_firmware a7100ru
    • EPSS Score: %1.39
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.8

    HIGH
    CVE-2022-44725

    OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).

    • EPSS Score: %0.05
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 7.5

    HIGH
    CVE-2022-44411

    Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack.

    Affected Products : web_based_quiz_system
    • EPSS Score: %0.06
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44403

    Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=.

    Affected Products : automotive_shop_management_system
    • EPSS Score: %0.07
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 7.2

    HIGH
    CVE-2022-44402

    Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction.

    Affected Products : automotive_shop_management_system
    • EPSS Score: %0.07
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 8.8

    HIGH
    CVE-2022-44384

    An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.

    Affected Products : rconfig
    • EPSS Score: %0.06
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44262

    ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE).

    Affected Products : ff4j
    • EPSS Score: %2.45
    • Published: Dec. 01, 2022
    • Modified: Apr. 29, 2025
  • 9.8

    CRITICAL
    CVE-2022-44001

    An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the CORBA back-end services can be bypassed.

    Affected Products : backclick
    • EPSS Score: %0.02
    • Published: Nov. 17, 2022
    • Modified: Apr. 29, 2025
  • 8.2

    HIGH
    CVE-2022-43984

    Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does no...

    Affected Products : browsershot
    • EPSS Score: %0.14
    • Published: Nov. 25, 2022
    • Modified: Apr. 29, 2025