Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2021-46079

    An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46078

    An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-46076

    Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-46075

    A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46074

    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46073

    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46072

    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46071

    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46070

    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46069

    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46068

    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-46067

    In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.... Read more

    Affected Products : vehicle_service_management_system
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-46065

    A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.... Read more

    • Published: Jan. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-46064

    IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.... Read more

    Affected Products : irfanview
    • Published: Mar. 23, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-46063

    MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.... Read more

    Affected Products : mcms
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-46062

    MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.... Read more

    Affected Products : mcms
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-46061

    An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app.... Read more

    • Published: Jan. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46055

    A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).... Read more

    Affected Products : binaryen
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46054

    A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).... Read more

    Affected Products : binaryen
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-46053

    A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL.... Read more

    Affected Products : binaryen
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293942 Results