Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-40455

    Windows Installer Spoofing Vulnerability... Read more

    • EPSS Score: %0.62
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39009

    IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 213554.... Read more

    Affected Products : oncommand_insight cognos_analytics
    • EPSS Score: %0.07
    • Published: Sep. 01, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3800

    A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.... Read more

    • EPSS Score: %0.05
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37621

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to print the met... Read more

    Affected Products : fedora debian_linux exiv2
    • EPSS Score: %0.09
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-37620

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to rea... Read more

    Affected Products : fedora debian_linux exiv2
    • EPSS Score: %0.08
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-36980

    Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.... Read more

    Affected Products : openvswitch
    • EPSS Score: %0.07
    • Published: Jul. 20, 2021
    • Modified: May. 05, 2025

  • 5.5

    MEDIUM
    CVE-2021-35477

    In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store o... Read more

    Affected Products : linux_kernel fedora debian_linux
    • EPSS Score: %0.00
    • Published: Aug. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3508

    A flaw was found in PDFResurrect in version 0.22b. There is an infinite loop in get_xref_linear_skipped() in pdf.c via a crafted PDF file.... Read more

    Affected Products : pdfresurrect
    • EPSS Score: %0.34
    • Published: Apr. 28, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34970

    Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 13, 2025

  • 5.5

    MEDIUM
    CVE-2021-34711

    A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability... Read more

    • EPSS Score: %0.07
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34335

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is trigge... Read more

    Affected Products : fedora exiv2
    • EPSS Score: %0.08
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34332

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed inp... Read more

    Affected Products : jt2go teamcenter_visualization
    • EPSS Score: %0.16
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34308

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could resu... Read more

    Affected Products : jt2go teamcenter_visualization
    • EPSS Score: %0.20
    • Published: Jul. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33480

    An use-after-free vulnerability was discovered in gocr through 0.53-20200802 in context_correction() in pgm2asc.c.... Read more

    Affected Products : optical_character_recognition
    • EPSS Score: %0.12
    • Published: Nov. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33454

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.... Read more

    Affected Products : yasm
    • EPSS Score: %0.03
    • Published: Jul. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32438

    The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.... Read more

    Affected Products : gpac
    • EPSS Score: %0.09
    • Published: Aug. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-31972

    Event Tracing for Windows Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.52
    • Published: Jun. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-31007

    Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.13
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30990

    A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.21
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30962

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.... Read more

    Affected Products : macos tvos
    • EPSS Score: %0.22
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291712 Results