Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2021-44521

    When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the h... Read more

    Affected Products : cassandra
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-44520

    In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection vulnerability, leading to remote code execution with root privileges.... Read more

    Affected Products : xenmobile_server
    • Published: Apr. 13, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-44519

    In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution.... Read more

    Affected Products : xenmobile_server
    • Published: Apr. 19, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-44518

    An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android. The lock sends a pairing code before each operation (lock or unlock) activated via the companion app. The code is sent unencrypted, allowing any attacker with ... Read more

    Affected Products : egeetouch_manager
    • Published: Dec. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-44514

    OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.... Read more

    Affected Products : manageengine_opmanager
    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2021-44513

    Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling.... Read more

    Affected Products : tmate-ssh-server
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2021-44512

    World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory.... Read more

    Affected Products : tmate-ssh-server
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44510

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order t... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44509

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to cause a segmentation fault an... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44508

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44507

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of parameter validation in calls to memcpy in str_tok in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44506

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44505

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44504

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely large value, which is interpreted as a negative value durin... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44503

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely causing a memory segmentation fault.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44502

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size of a memset that occurs in calls to util_format in sr_unix/util_output.c.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44501

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44500

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to eb_div in sr_port/eb_muldiv.c allows attackers to crash the application by performing a divide by zero.... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44499

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is the... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-44498

    An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer deref... Read more

    Affected Products : gt.m
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293622 Results