Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-46836

    Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-46830

    A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile i... Read more

    Affected Products : goanywhere_managed_file_transfer
    • Published: Jul. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46829

    GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code executio... Read more

    Affected Products : fedora debian_linux gdk-pixbuf
    • Published: Jul. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-46827

    An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals (in online documentation generated using Oxygen XML WebHelp) allows attackers to execute JavaS... Read more

    • Published: Jul. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-46825

    Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the same web server, the attacker can send crafted HTTP req... Read more

    Affected Products : advanced_secure_gateway proxysg
    • Published: Jul. 07, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-46824

    Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in student_profile.php.... Read more

    Affected Products : school_file_management_system
    • Published: Jun. 23, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-46823

    python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote aut... Read more

    Affected Products : python-ldap
    • Published: Jun. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46822

    The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_w... Read more

    Affected Products : libjpeg-turbo
    • Published: Jun. 18, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-46820

    Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php... Read more

    Affected Products : xos_shop_system
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46818

    Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this is... Read more

    Affected Products : macos media_encoder windows
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46817

    Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this is... Read more

    Affected Products : macos media_encoder windows
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46816

    Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this iss... Read more

    Affected Products : macos premiere_pro windows
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46814

    The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46813

    Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : emui magic_ui
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46812

    The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.... Read more

    Affected Products : emui harmonyos
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-46811

    HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46790

    ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.... Read more

    Affected Products : fedora debian_linux ntfs-3g
    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46789

    Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.... Read more

    Affected Products : emui magic_ui
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46788

    Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.... Read more

    Affected Products : emui magic_ui
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-46787

    The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293947 Results