Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.8

CRITICAL

CVE-2021-3942

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR....

Affected Products : laserjet_managed_flow_mfp_e52545c_firmware pagewide_managed_color_flow_mfp_e58650z_firmware pagewide_managed_color_flow_mfp_e77660z_firmware pagewide_pro_577dw_d3q21a_firmware pagewide_pro_477dn_d3q19a_firmware pagewide_pro_477dw_d3q20a_firmware pagewide_377dw_j9v80a_firmware officejet_pro_6960_j7k33a_firmware officejet_pro_6960_t0f30a_firmware officejet_pro_6960_t0f32a_firmware +5390 more products
EPSS Score: %4.43

Published: Dec. 12, 2022

Modified: Apr. 25, 2025
9.8

CRITICAL

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks....

Affected Products : linux_kernel enterprise_linux fedora communications_cloud_native_core_policy communications_cloud_native_core_binding_support_function communications_cloud_native_core_network_exposure_function
EPSS Score: %0.48

Published: Feb. 16, 2022

Modified: Mar. 28, 2025
9.8

CRITICAL

CVE-2021-3520

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The gre...

Affected Products : zfs_storage_appliance_kit active_iq_unified_manager ontap_select_deploy_administration_utility cloud_backup communications_cloud_native_core_policy universal_forwarder lz4
EPSS Score: %0.13

Published: Jun. 02, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-34578

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07....

Affected Products : 750-891_firmware 750-362_firmware 750-363_firmware 750-823_firmware 750-832_firmware 750-832\/000-002_firmware 750-862_firmware 750-890\/025-000_firmware 750-890\/025-001_firmware 750-890\/025-002_firmware +14 more products
EPSS Score: %0.34

Published: Aug. 31, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf ...

Affected Products : debian_linux libspf2
EPSS Score: %1.35

Published: Jan. 19, 2022

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-33757

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products
EPSS Score: %0.99

Published: Jul. 14, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-33574

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a de...

Affected Products : fedora debian_linux solidfire_baseboard_management_controller_firmware cloud_backup e-series_santricity_os_controller h300s_firmware h500s_firmware h700s_firmware h410s_firmware glibc +10 more products
EPSS Score: %0.13

Published: May. 25, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-33388

dpic 2021.04.10 has a Heap Buffer Overflow in themakevar() function in dpic.y...

Affected Products : dpic
EPSS Score: %0.16

Published: Aug. 22, 2023

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-33204

In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit search_path is not set....

Affected Products : pg_partman
EPSS Score: %1.05

Published: May. 19, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2022-4338

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch....

Affected Products : debian_linux openvswitch
EPSS Score: %0.47

Published: Jan. 10, 2023

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-30474

aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free....

Affected Products : aomedia
EPSS Score: %0.17

Published: Jun. 02, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-30164

Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API....

Affected Products : debian_linux redmine
EPSS Score: %0.21

Published: Apr. 06, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-29998

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client....

Affected Products : scalance_x408_firmware scalance_x300_firmware vxworks scalance_x201-3p_irt_firmware scalance_x201-3p_irt_pro_firmware scalance_x202-2p_irt_firmware scalance_x202-2p_irt_pro_firmware scalance_xf201-3p_irt_firmware scalance_xf202-2p_irt_firmware scalance_xf204-2ba_irt_firmware +61 more products
EPSS Score: %1.19

Published: Apr. 13, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-28967

The unofficial MATLAB extension before 2.0.1 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings....

Affected Products : visual_studio_code matlab
EPSS Score: %0.56

Published: Mar. 24, 2021

Modified: Jul. 08, 2025
9.8

CRITICAL

CVE-2021-28804

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4...

Affected Products : quts_hero qts
EPSS Score: %1.06

Published: Jul. 01, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-26714

The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application...

Affected Products : micontact_center_enterprise
EPSS Score: %0.92

Published: Mar. 29, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-25669

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLU...

Affected Products : scalance_x200-4p_irt_firmware scalance_x201-3p_irt_firmware scalance_x201-3p_irt_pro_firmware scalance_x202-2p_irt_firmware scalance_x202-2p_irt_pro_firmware scalance_xf201-3p_irt_firmware scalance_xf202-2p_irt_firmware scalance_xf204-2ba_irt_firmware scalance_x202-2_irt_firmware scalance_x204_irt_firmware +48 more products
EPSS Score: %1.00

Published: Apr. 22, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-25668

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLU...

Affected Products : scalance_x200-4p_irt_firmware scalance_x201-3p_irt_firmware scalance_x201-3p_irt_pro_firmware scalance_x202-2p_irt_firmware scalance_x202-2p_irt_pro_firmware scalance_xf201-3p_irt_firmware scalance_xf202-2p_irt_firmware scalance_xf204-2ba_irt_firmware scalance_x202-2_irt_firmware scalance_x204_irt_firmware +48 more products
EPSS Score: %0.54

Published: Apr. 22, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to ...

Affected Products : twelvemonkeys
EPSS Score: %0.28

Published: May. 06, 2022

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-22765

A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet...

Affected Products : powerlogic_egx100_firmware powerlogic_egx300_firmware powerlogic_egx100 powerlogic_egx300
EPSS Score: %0.45

Published: Jun. 11, 2021

Modified: Nov. 21, 2024

Showing 20 of 291615 Results

1
...
1441
1442
1443
1444
1445
1446
1447
...
14581

Latest CVE Feed

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable