Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

4.3

MEDIUM

CVE-2021-44739

Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obta...

Affected Products : acrobat_dc acrobat_reader_dc macos acrobat acrobat_reader windows
Published: Jan. 14, 2022

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter....

Affected Products : cx820_firmware cx825_firmware cx860_firmware xc4150_firmware xc6152_firmware xc8155_firmware xc8160_firmware b2236_firmware b2338_firmware b2442_firmware +457 more products
Published: Jan. 20, 2022

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files....

Affected Products : cx820_firmware cx825_firmware cx860_firmware xc4150_firmware xc6152_firmware xc8155_firmware xc8160_firmware b2236_firmware b2338_firmware b2442_firmware +457 more products
Published: Jan. 20, 2022

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-44736

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature....

Affected Products : mc3224i_firmware mc3224i
Published: Jan. 20, 2022

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-44735

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07....

Affected Products : cx820_firmware cx825_firmware cx860_firmware xc4150_firmware xc6152_firmware xc8155_firmware xc8160_firmware b2236_firmware b2338_firmware b2442_firmware +226 more products
Published: Jan. 20, 2022

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-44734

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device....

Affected Products : cx820_firmware cx825_firmware cx860_firmware xc4150_firmware xc6152_firmware xc8155_firmware xc8160_firmware b2236_firmware b2338_firmware b2442_firmware +457 more products
Published: Jan. 20, 2022

Modified: Nov. 21, 2024
7.0

HIGH

CVE-2021-44733

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object....

Affected Products : linux_kernel enterprise_linux fedora debian_linux h410c_firmware h300s_firmware h500s_firmware h700s_firmware h410s_firmware h300s +10 more products
Published: Dec. 22, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-44732

Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure....

Affected Products : debian_linux mbed_tls
Published: Dec. 20, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-44731

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace a...

Affected Products : ubuntu_linux fedora debian_linux snapd
Published: Feb. 17, 2022

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-44730

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd...

Affected Products : ubuntu_linux fedora debian_linux snapd
Published: Feb. 17, 2022

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-44726

KNIME Server before 4.13.4 allows XSS via the old WebPortal login page....

Affected Products : knime_server
Published: Dec. 08, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-44725

KNIME Server before 4.13.4 allows directory traversal in a request for a client profile....

Affected Products : knime_server
Published: Dec. 08, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-44720

In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is stored in the HTML source code of the "Maintenance > Push Configuration > Targets > Target Name" targets.cgi screen. A read-only administrative user can escalat...

Affected Products : pulse_connect_secure connect_secure
Published: Aug. 12, 2022

Modified: Nov. 21, 2024
8.4

HIGH

CVE-2021-44719

Docker Desktop 4.3.0 has Incorrect Access Control....

Affected Products : macos mac_os_x desktop docker_desktop
Published: May. 25, 2022

Modified: Nov. 21, 2024
5.9

MEDIUM

CVE-2021-44718

wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that nor...

Affected Products : wolfssl
Published: Sep. 02, 2022

Modified: Nov. 21, 2024
5.8

MEDIUM

CVE-2021-44717

Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion....

Affected Products : debian_linux go unix
Published: Jan. 01, 2022

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-44716

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests....

Affected Products : debian_linux go cloud_insights_telegraf
Published: Jan. 01, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-44715

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo...

Affected Products : acrobat_dc acrobat_reader_dc macos acrobat acrobat_reader windows
Published: Jan. 14, 2022

Modified: Nov. 21, 2024
4.3

MEDIUM

CVE-2021-44714

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning mess...

Affected Products : acrobat_dc acrobat_reader_dc macos acrobat acrobat_reader windows
Published: Jan. 14, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-44713

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Ex...

Affected Products : acrobat_dc acrobat_reader_dc macos acrobat acrobat_reader windows
Published: Jan. 14, 2022

Modified: Nov. 21, 2024

Showing 20 of 293631 Results

Browse by Apps

Latest CVE Feed

4.3

10.0

8.8

10.0

10.0

10.0

7.0

9.8

7.8

8.8

8.8

7.5

7.2

8.4

5.9

5.8

7.5

5.5

4.3

5.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable