Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-23356

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed t... Read more

    Affected Products :
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 7.3

    HIGH
    CVE-2023-23354

    A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.... Read more

    Affected Products : qulog_center
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 6.8

    MEDIUM
    CVE-2022-27600

    An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vuln... Read more

    Affected Products : quts_hero qts qutscloud
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 7.8

    HIGH
    CVE-2022-27595

    An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerab... Read more

    Affected Products : qvpn
    • Published: Dec. 19, 2024
    • Modified: Dec. 19, 2024

  • 4.6

    MEDIUM
    CVE-2022-33954

    IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials.... Read more

    Affected Products : robotic_process_automation windows
    • Published: Dec. 19, 2024
    • Modified: Mar. 27, 2025

  • 7.5

    HIGH
    CVE-2021-39081

    IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.... Read more

    Affected Products : cognos_analytics_mobile
    • Published: Dec. 19, 2024
    • Modified: Jul. 29, 2025

  • 6.5

    MEDIUM
    CVE-2024-55603

    Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has exceeded. Kanboard implements a cutom session handler (`app/Core/Session/SessionHandler.php`), to... Read more

    Affected Products : kanboard
    • Published: Dec. 19, 2024
    • Modified: Mar. 12, 2025

  • 5.5

    MEDIUM
    CVE-2023-21586

    Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an appli... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44520

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-44519

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44518

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.5

    MEDIUM
    CVE-2022-44517

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44516

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2022-44515

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • Published: Dec. 19, 2024
    • Modified: Jan. 10, 2025

  • 7.8

    HIGH
    CVE-2022-44514

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44513

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 7.8

    HIGH
    CVE-2022-44512

    Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... Read more

    • Published: Dec. 19, 2024
    • Modified: Feb. 06, 2025

  • 5.2

    MEDIUM
    CVE-2021-29827

    IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions... Read more

    • Published: Dec. 19, 2024
    • Modified: Mar. 12, 2025

  • 5.4

    MEDIUM
    CVE-2021-20553

    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr... Read more

    Affected Products : sterling_b2b_integrator
    • Published: Dec. 19, 2024
    • Modified: Mar. 06, 2025

  • 7.5

    HIGH
    CVE-2024-56319

    In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion).... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Dec. 31, 2024
Showing 20 of 293343 Results