Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2021-4195

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows XSS Targeting HTML Attributes. This issue affects Customer Relation Manager: before 2022...

    Affected Products : customer_relation_manager
    • Published: Mar. 14, 2023
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2021-4194

    bookstack is vulnerable to Improper Access Control...

    Affected Products : bookstack
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-4193

    vim is vulnerable to Out-of-bounds Read...

    Affected Products : fedora debian_linux vim macos mac_os_x
    • Published: Dec. 31, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-4192

    vim is vulnerable to Use After Free...

    Affected Products : fedora debian_linux vim macos mac_os_x
    • Published: Dec. 31, 2021
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2021-4191

    An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration to unauthenticated users through the GraphQL API....

    Affected Products : gitlab
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4190

    Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file...

    Affected Products : fedora wireshark
    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2021-4189

    A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP s...

    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4188

    mruby is vulnerable to NULL Pointer Dereference...

    Affected Products : mruby
    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-4187

    vim is vulnerable to Use After Free...

    Affected Products : fedora vim macos mac_os_x
    • Published: Dec. 29, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4186

    Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

    Affected Products : fedora wireshark
    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4185

    Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4184

    Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-4183

    Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file...

    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4182

    Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-4181

    Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...

    • Published: Dec. 30, 2021
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2021-4180

    An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configur...

    Affected Products : openstack tripleo_heat_templates
    • Published: Mar. 23, 2022
    • Modified: Nov. 21, 2024
  • 6.6

    MEDIUM
    CVE-2021-4179

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : live_helper_chat
    • Published: Dec. 28, 2021
    • Modified: Nov. 21, 2024
  • 6.7

    MEDIUM
    CVE-2021-4178

    An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML....

    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2021-4177

    livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information...

    Affected Products : live_helper_chat
    • Published: Dec. 28, 2021
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2021-4176

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : live_helper_chat
    • Published: Dec. 29, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294068 Results