Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-41798

    Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-41777

    Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the serv... Read more

    Affected Products : nadesiko3
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-41642

    OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.... Read more

    Affected Products : nadesiko3
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-40918

    Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > h... Read more

    • Published: Dec. 06, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2024-54932

    Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php.... Read more

    Affected Products : e-learning_management_system
    • Published: Dec. 09, 2024
    • Modified: Apr. 24, 2025

  • 9.1

    CRITICAL
    CVE-2022-38337

    When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.... Read more

    Affected Products : mobaxterm
    • Published: Dec. 06, 2022
    • Modified: Apr. 24, 2025

  • 8.1

    HIGH
    CVE-2022-38336

    An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.... Read more

    Affected Products : mobaxterm
    • Published: Dec. 06, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-37325

    In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.... Read more

    Affected Products : asterisk
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-35254

    An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti N... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32634

    In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID:... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6855 mt6873 mt6877 mt6879 +21 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32633

    In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07... Read more

    Affected Products : android yocto mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6855 mt6873 +40 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32632

    In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID... Read more

    Affected Products : android yocto mt6779 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt8675 +25 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32631

    In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID... Read more

    Affected Products : android yocto mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6873 mt6877 +24 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32630

    In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP... Read more

    Affected Products : android mt6789 mt6855 mt6895 mt6983 mt8781
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32629

    In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32628

    In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32626

    In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6855 mt6873 mt6877 +15 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32625

    In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6855 mt6873 mt6877 +16 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32624

    In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32622

    In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025
Showing 20 of 293542 Results