Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2022-45656

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45655

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45654

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45653

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 9.1

    CRITICAL
    CVE-2022-45652

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 9.1

    CRITICAL
    CVE-2022-45651

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45647

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45646

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45644

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45643

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 7.5

    HIGH
    CVE-2022-45641

    Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 8.8

    HIGH
    CVE-2022-45562

    Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable sys... Read more

    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 5.9

    MEDIUM
    CVE-2022-45483

    Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N... Read more

    Affected Products : lazy_mouse
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-45482

    Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H... Read more

    Affected Products : lazy_mouse
    • Published: Dec. 02, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-45481

    The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H... Read more

    Affected Products : lazy_mouse lazy_mouse
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-45477

    Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H... Read more

    Affected Products : telepad
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 9.8

    CRITICAL
    CVE-2022-45315

    Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : routeros
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 8.8

    HIGH
    CVE-2022-45313

    Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.... Read more

    Affected Products : routeros
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025

  • 7.8

    HIGH
    CVE-2022-45283

    GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.... Read more

    Affected Products : gpac
    • Published: Dec. 06, 2022
    • Modified: Apr. 24, 2025

  • 8.8

    HIGH
    CVE-2022-45020

    Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.... Read more

    Affected Products : rukovoditel
    • Published: Dec. 05, 2022
    • Modified: Apr. 24, 2025
Showing 20 of 293588 Results