Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (that is, on the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    CRITICAL
    CVE-2021-21941

    A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution.

    • EPSS Score: 1.80%
    • Published: Oct. 12, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-20125

    An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location o...

    Affected Products: vigorconnect
    • EPSS Score: 2.97%
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-22724

    A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1.

    • EPSS Score: 23.75%
    • Published: Oct. 14, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-40720

    Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbi...

    Affected Products: ops-cli
    • EPSS Score: 15.13%
    • Published: Oct. 15, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-35652

    Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows unauthenticated attacker...

    • EPSS Score: 2.23%
    • Published: Oct. 20, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2024-39791

    Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.

    • Published: Aug. 12, 2024
    • Modified: Aug. 20, 2024
  • 10.0

    HIGH
    CVE-2020-28960

    Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.

    Affected Products: chichen_tech_cms
    • EPSS Score: 0.30%
    • Published: Oct. 22, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2011-4124

    Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges.

    Affected Products: calibre
    • EPSS Score: 0.61%
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-40112

    Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with...

    • EPSS Score: 2.35%
    • Published: Nov. 04, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-41269

    cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions a template injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, ...

    Affected Products: cron-utils
    • EPSS Score: 4.02%
    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2020-16152

    The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then trave...

    Affected Products: aerohive_netconfig
    • EPSS Score: 84.90%
    • Published: Nov. 14, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-37022

    There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability will cause root permission which can be escalated.

    Affected Products: harmonyos
    • EPSS Score: 0.22%
    • Published: Nov. 23, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-33267

    D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80034d60 in /formStaticDHCP. This vulnerability is triggered via a crafted POST request.

    Affected Products: dir-809_firmware, dir-809
    • EPSS Score: 1.87%
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-33270

    D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_800462c4 in /formAdvFirewall. This vulnerability is triggered via a crafted POST request.

    Affected Products: dir-809_firmware, dir-809
    • EPSS Score: 1.87%
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-43936

    The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution.

    Affected Products: webhmi_firmware, webhmi
    • EPSS Score: 28.67%
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-38759

    Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges.

    Affected Products: raspberry_pi_os_lite
    • EPSS Score: 44.55%
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-43117

    fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.

    Affected Products: fastadmin
    • EPSS Score: 0.69%
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-44966

    SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.

    Affected Products: employee_record_management_system
    • EPSS Score: 0.12%
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-39065

    IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertifi...

    • EPSS Score: 2.29%
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-44041

    UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argument of the URI handler for uipath-assistant://. This allows an attacker to execute code on a victim's machine or capture NTLM crede...

    Affected Products: assistant, app_studio
    • EPSS Score: 0.83%
    • Published: Dec. 14, 2021
    • Modified: Nov. 21, 2024