Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-32826

    Proxyee-Down is open source proxy software. An attacker being able to provide an extension script (eg: through a MiTM attack or by hosting a malicious extension) may be able to run arbitrary commands on the system running Proxyee-Down. For more details in... Read more

    Affected Products : proxyee-down
    • EPSS Score: %0.24
    • Published: Aug. 16, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-39373

    TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the manipulation of settings and could allow an attacker to gain unauthorized access to the system with administrative privileges.... Read more

    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-2882

    SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA syst... Read more

    Affected Products : pnpscada
    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-38368

    trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to d... Read more

    Affected Products : trunk.cocoapods.org
    • Published: Jul. 01, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28580

    Medium by Adobe version 2.4.5.331 (and earlier) is affected by a buffer overflow vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. ... Read more

    Affected Products : medium rift rift_s touch
    • EPSS Score: %2.27
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2023-4976

    A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.... Read more

    Affected Products :
    • Published: Jul. 17, 2024
    • Modified: Apr. 10, 2025

  • 9.3

    HIGH
    CVE-2021-40847

    The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. While the parental controls themselves are not enabled by default on the routers, the ... Read more

    • EPSS Score: %6.13
    • Published: Sep. 21, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38112

    In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.... Read more

    Affected Products : aws_workspaces
    • EPSS Score: %28.52
    • Published: Sep. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40710

    Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .svg file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is req... Read more

    Affected Products : premiere_pro windows
    • EPSS Score: %4.00
    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40715

    Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .exr file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is req... Read more

    Affected Products : premiere_pro windows
    • EPSS Score: %1.63
    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-24016

    An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsa... Read more

    Affected Products : fortimanager
    • EPSS Score: %0.14
    • Published: Sep. 30, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38097

    Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of... Read more

    Affected Products : pdf_fusion
    • EPSS Score: %1.39
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38096

    Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. E... Read more

    Affected Products : pdf_fusion
    • EPSS Score: %1.42
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-42348

    FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395.... Read more

    Affected Products : fogproject
    • Published: Aug. 02, 2024
    • Modified: Sep. 10, 2024

  • 9.3

    CRITICAL
    CVE-2024-6118

    A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file.... Read more

    Affected Products : meetinghub_paperless_meetings
    • Published: Aug. 05, 2024
    • Modified: Aug. 30, 2024

  • 9.3

    CRITICAL
    CVE-2024-6915

    JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7.55.18 are vulnerable to Improper Input Validation that could potentially lead to cache poisoning.... Read more

    Affected Products : artifactory
    • Published: Aug. 05, 2024
    • Modified: Aug. 06, 2024

  • 9.3

    HIGH
    CVE-2021-37363

    An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level pr... Read more

    Affected Products : gestionale_open
    • EPSS Score: %0.20
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-4126

    Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.... Read more

    Affected Products : calibre
    • EPSS Score: %0.47
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37074

    There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.... Read more

    Affected Products : emui harmonyos magic_ui
    • EPSS Score: %0.14
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-7880

    The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX.... Read more

    Affected Products : windows neors
    • EPSS Score: %0.73
    • Published: Nov. 30, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291773 Results