Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-45497

    NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.... Read more

    Affected Products : d7000_firmware d7000
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-45496

    NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.... Read more

    Affected Products : d7000_firmware d7000
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-45495

    NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.... Read more

    Affected Products : d7000_firmware d7000
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-45494

    Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2021-45493

    Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.... Read more

    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-45492

    In Sage 300 ERP (formerly accpac) through 6.8.x, the installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage ... Read more

    Affected Products : sage_300
    • Published: Jul. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-45491

    3CX System through 2022-03-17 stores cleartext passwords in a database.... Read more

    Affected Products : 3cx
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-45490

    The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation.... Read more

    Affected Products : 3cx
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-45489

    In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.... Read more

    Affected Products : netbsd
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-45488

    In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.... Read more

    Affected Products : netbsd
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-45487

    In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.... Read more

    Affected Products : netbsd
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 3.5

    LOW
    CVE-2021-45486

    In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.... Read more

    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-45485

    In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IP... Read more

    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-45484

    In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.... Read more

    Affected Products : netbsd
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-45483

    In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.... Read more

    Affected Products : webkitgtk
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-45482

    In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.... Read more

    Affected Products : webkitgtk
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-45481

    In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.... Read more

    Affected Products : webkitgtk
    • Published: Dec. 25, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-45480

    An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Dec. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-45479

    Improper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS.This issue affects Library Automation System: before 19.2. ... Read more

    Affected Products : library_automation_system
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-45478

    Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2. ... Read more

    Affected Products : library_automation_system
    • Published: Mar. 02, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293643 Results