Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-56116

    A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account.... Read more

    Affected Products : amiro.cms
    • Published: Dec. 18, 2024
    • Modified: Apr. 23, 2025

  • 6.1

    MEDIUM
    CVE-2024-56115

    A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting (XSS) attack.... Read more

    Affected Products : amiro.cms
    • Published: Dec. 18, 2024
    • Modified: Apr. 23, 2025

  • 7.2

    HIGH
    CVE-2024-32841

    SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : endpoint_manager
    • Published: Nov. 13, 2024
    • Modified: Apr. 23, 2025

  • 7.2

    HIGH
    CVE-2024-32839

    SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : endpoint_manager
    • Published: Nov. 13, 2024
    • Modified: Apr. 23, 2025

  • 9.8

    CRITICAL
    CVE-2024-50330

    SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution.... Read more

    Affected Products : endpoint_manager
    • Published: Nov. 12, 2024
    • Modified: Apr. 23, 2025

  • 6.1

    MEDIUM
    CVE-2024-43437

    A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.... Read more

    Affected Products : moodle
    • Published: Nov. 11, 2024
    • Modified: Apr. 23, 2025

  • 6.1

    MEDIUM
    CVE-2024-43439

    A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.... Read more

    Affected Products : moodle
    • Published: Nov. 11, 2024
    • Modified: Apr. 23, 2025

  • 7.2

    HIGH
    CVE-2024-32844

    SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : endpoint_manager
    • Published: Nov. 13, 2024
    • Modified: Apr. 23, 2025

  • 2.7

    LOW
    CVE-2022-3710

    A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA.... Read more

    • Published: Dec. 01, 2022
    • Modified: Apr. 23, 2025

  • 6.5

    MEDIUM
    CVE-2022-23143

    ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.... Read more

    Affected Products : otcp_firmware otcp
    • Published: Dec. 05, 2022
    • Modified: Apr. 23, 2025

  • 5.9

    MEDIUM
    CVE-2022-45478

    Telepad allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N... Read more

    Affected Products : telepad
    • Published: Dec. 05, 2022
    • Modified: Apr. 23, 2025

  • 7.0

    HIGH
    CVE-2022-42864

    A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to exec... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 23, 2025

  • 5.5

    MEDIUM
    CVE-2022-42774

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 5.5

    MEDIUM
    CVE-2022-42773

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 5.5

    MEDIUM
    CVE-2022-42772

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 4.7

    MEDIUM
    CVE-2022-42771

    In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 4.3

    MEDIUM
    CVE-2022-42768

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 6.6

    MEDIUM
    CVE-2022-42767

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 6.6

    MEDIUM
    CVE-2022-42766

    In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.... Read more

    Affected Products : android sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 t618 +4 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025

  • 6.6

    MEDIUM
    CVE-2022-42765

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.... Read more

    Affected Products : android s8000 sc7731e sc9832e sc9863a t310 t606 t610 t612 t616 +5 more products
    • Published: Dec. 06, 2022
    • Modified: Apr. 23, 2025
Showing 20 of 293605 Results