Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2021-28443

Windows Console Driver Denial of Service Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-28318

Windows GDI+ Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2015-2655

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors....

Affected Products : database_server
Published: Jul. 16, 2015

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2021-28437

Windows Installer Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2015-1487

The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename....

Affected Products : endpoint_protection_manager
Published: Aug. 01, 2015

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2021-28309

Windows Kernel Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
Published: Apr. 13, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2015-0175

IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors....

Affected Products : websphere_application_server
Published: Apr. 27, 2015

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-9814

ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file....

Affected Products : imagemagick
Published: Mar. 30, 2017

Modified: Apr. 20, 2025
5.5

MEDIUM

CVE-2021-28150

Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi....

Affected Products : h8922_firmware h8922
Published: May. 06, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27845

A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c...

Affected Products : jasper
Published: Jul. 15, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash....

Affected Products : fedora exif
Published: Apr. 14, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2014-8181

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace....

Affected Products : enterprise_linux enterprise_mrg
Published: Nov. 06, 2019

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27807

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions....

Affected Products : fedora webcenter_sites outside_in_technology hyperion_financial_reporting retail_customer_management_and_segmentation_foundation primavera_unifier flexcube_universal_banking retail_xstore_point_of_service banking_treasury_management banking_virtual_account_management +5 more products
Published: Mar. 19, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27753

"Sametime Android PathTraversal Vulnerability"...

Affected Products : hcl_sametime
Published: Feb. 21, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27639

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caus...

Affected Products : 3d_visual_enterprise_viewer
Published: Jun. 09, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27638

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caus...

Affected Products : 3d_visual_enterprise_viewer
Published: Jun. 09, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-27642

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is cau...

Affected Products : 3d_visual_enterprise_viewer
Published: Jun. 09, 2021

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2014-2482

Unspecified vulnerability in the Oracle Concurrent Processing component in Oracle E-Business Suite 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors....

Affected Products : e-business_suite
Published: Jul. 17, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2021-27562

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode....

Affected Products : trusted_firmware-m trusted_firmware_m trusted_firmware_m trusted_firmware-m
Actively Exploited

Published: May. 25, 2021

Modified: Mar. 14, 2025
5.5

MEDIUM

CVE-2021-27755

"Sametime Android potential path traversal vulnerability when using File class"...

Affected Products : hcl_sametime
Published: Feb. 21, 2022

Modified: Nov. 21, 2024

Showing 20 of 292802 Results

Browse by Apps

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable