Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.7

    MEDIUM
    CVE-2022-32630

    In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP... Read more

    Affected Products : android mt6789 mt6855 mt6895 mt6983 mt8781
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32629

    In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32628

    In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32626

    In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6855 mt6873 mt6877 +15 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32625

    In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6855 mt6873 mt6877 +16 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32624

    In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32622

    In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.4

    MEDIUM
    CVE-2022-32621

    In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310... Read more

    Affected Products : android mt6895 mt6983
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32620

    In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.... Read more

    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32619

    In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +42 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32598

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32597

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32596

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 6.7

    MEDIUM
    CVE-2022-32594

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6855 mt6873 +23 more products
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-28607

    An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php.... Read more

    Affected Products : isic.lk
    • Published: Dec. 01, 2022
    • Modified: Apr. 24, 2025

  • 6.5

    MEDIUM
    CVE-2022-23737

    An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. To exploit this vulnerability, an attacker would need to be added to an organizati... Read more

    Affected Products : enterprise_server
    • Published: Dec. 01, 2022
    • Modified: Apr. 24, 2025

  • 4.3

    MEDIUM
    CVE-2024-1319

    The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. (e.g. draft, private, pending review, password-protected, and trashed po... Read more

    Affected Products : event_tickets
    • Published: Mar. 04, 2024
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2024-54931

    A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter.... Read more

    Affected Products : e-learning_management_system
    • Published: Dec. 09, 2024
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2024-52675

    SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php.... Read more

    • Published: Nov. 19, 2024
    • Modified: Apr. 24, 2025

  • 7.2

    HIGH
    CVE-2024-32847

    SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : endpoint_manager
    • Published: Nov. 13, 2024
    • Modified: Apr. 24, 2025
Showing 20 of 293605 Results