Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-43196

    In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.... Read more

    Affected Products : teamcity
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43195

    In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing.... Read more

    Affected Products : teamcity
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43194

    In JetBrains TeamCity before 2021.1.2, user enumeration was possible.... Read more

    Affected Products : teamcity
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-43193

    In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.... Read more

    Affected Products : teamcity
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43192

    In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible.... Read more

    Affected Products : iphone_os youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43191

    JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS.... Read more

    Affected Products : android iphone_os youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43190

    In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible.... Read more

    Affected Products : android youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-43189

    In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete.... Read more

    Affected Products : android youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-43188

    In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete.... Read more

    Affected Products : iphone_os youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43187

    In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information.... Read more

    Affected Products : iphone_os youtrack_mobile
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-43186

    JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS.... Read more

    Affected Products : youtrack
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-43185

    JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.... Read more

    Affected Products : youtrack
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-43184

    In JetBrains YouTrack before 2021.3.21051, stored XSS is possible.... Read more

    Affected Products : youtrack
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-43183

    In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.... Read more

    Affected Products : hub
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-43182

    In JetBrains Hub before 2021.1.13415, a DoS via user information is possible.... Read more

    Affected Products : hub
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-43181

    In JetBrains Hub before 2021.1.13690, stored XSS is possible.... Read more

    Affected Products : hub
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-43180

    In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible.... Read more

    Affected Products : hub
    • Published: Nov. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-43177

    As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password (OTP) for one (and only one) immediately trailing interval. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/... Read more

    Affected Products : devise-two-factor
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-43176

    The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied “action” parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sa... Read more

    Affected Products : goautodial goautodial_api
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-43175

    The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API functions. Vulnerable versions of GOautodial validate t... Read more

    Affected Products : goautodial goautodial_api
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293633 Results