Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-3057

    A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalP... Read more

    Affected Products : globalprotect
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39817

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39824

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious png file, potentially resulting in arbitrary code execution in the context of the current user. User intera... Read more

    Affected Products : macos windows premiere_elements
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39787

    In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: And... Read more

    Affected Products : android
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39816

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39702

    In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges n... Read more

    Affected Products : android
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38873

    IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.... Read more

    Affected Products : planning_analytics
    • Published: Nov. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-54036

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 15, 2025

  • 9.3

    HIGH
    CVE-2021-38714

    In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file.... Read more

    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38103

    IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the curr... Read more

    Affected Products : presentations_2020
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38097

    Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of... Read more

    Affected Products : pdf_fusion
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38096

    Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. E... Read more

    Affected Products : pdf_fusion
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-38112

    In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.... Read more

    Affected Products : aws_workspaces
    • Published: Sep. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37803

    An SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0 via the username in lognin.php .... Read more

    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-37678

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/... Read more

    Affected Products : tensorflow
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37584

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37571

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37560

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37363

    An Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level pr... Read more

    Affected Products : gestionale_open
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-12373

    A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.... Read more

    Affected Products :
    • Published: Dec. 18, 2024
    • Modified: Dec. 18, 2024
Showing 20 of 293330 Results