Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-45673

    Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45672

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45671

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45670

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45669

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 6.5

    MEDIUM
    CVE-2022-45668

    Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45664

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45663

    Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.... Read more

    Affected Products : i22_firmware i22
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45661

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45660

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45659

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45658

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45657

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45650

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45649

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-35508

    Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file discl... Read more

    • Published: Dec. 04, 2022
    • Modified: Apr. 24, 2025

  • 7.1

    HIGH
    CVE-2022-35507

    A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-s... Read more

    • Published: Dec. 04, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-32224

    A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ab... Read more

    Affected Products : rails activerecord
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.5

    MEDIUM
    CVE-2021-37533

    Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This m... Read more

    Affected Products : debian_linux commons_net
    • Published: Dec. 03, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2025-43928

    In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 ... Read more

    Affected Products : pmrs-102_firmware pmrs-102
    • Published: Apr. 20, 2025
    • Modified: Apr. 24, 2025
    • Vuln Type: Path Traversal
Showing 20 of 293517 Results