Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2022-46694

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.... Read more

    Affected Products : iphone_os tvos watchos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 7.8

    HIGH
    CVE-2022-46693

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary co... Read more

    Affected Products : macos iphone_os tvos watchos icloud ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-46692

    A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web... Read more

    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 8.8

    HIGH
    CVE-2022-46691

    A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may ... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2022-46393

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_C... Read more

    Affected Products : fedora mbed_tls
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.3

    MEDIUM
    CVE-2022-46392

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after... Read more

    Affected Products : fedora mbed_tls
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 7.2

    HIGH
    CVE-2022-46127

    Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_product.... Read more

    Affected Products : helmet_store_showroom_site
    • Published: Dec. 14, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2022-45969

    Alist v3.4.0 is vulnerable to Directory Traversal,... Read more

    Affected Products : alist
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 7.8

    HIGH
    CVE-2022-45338

    An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.... Read more

    Affected Products : exact_synergy
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.4

    MEDIUM
    CVE-2022-45033

    A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.... Read more

    Affected Products : expense_tracker
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 9.8

    CRITICAL
    CVE-2022-44236

    Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability.... Read more

    Affected Products : voip_simplicity_asg
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 6.1

    MEDIUM
    CVE-2022-44235

    Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) is vulnerable to Cross Site Scripting (XSS).... Read more

    Affected Products : voip_simplicity_asg
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 8.8

    HIGH
    CVE-2022-42867

    A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42866

    The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42865

    This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42859

    Multiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42854

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to disclose kernel memory.... Read more

    Affected Products : macos
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42853

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 6.5

    MEDIUM
    CVE-2022-42852

    The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the dis... Read more

    Affected Products : macos iphone_os tvos watchos safari ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025

  • 5.5

    MEDIUM
    CVE-2022-42851

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information.... Read more

    Affected Products : iphone_os tvos ipados
    • Published: Dec. 15, 2022
    • Modified: Apr. 21, 2025
Showing 20 of 293186 Results