Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-43037

    An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to... Read more

    Affected Products : unitrends_backup
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-43036

    An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the PostgreSQL wguest account is weak.... Read more

    Affected Products : unitrends_backup
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-43035

    An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated SQL injection vulnerabilities were discovered, allowing arbitrary SQL queries to be injected and executed under the postgres superuser account. Remote code exe... Read more

    Affected Products : unitrends_backup
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-43034

    An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation.... Read more

    Affected Products : unitrends_backup
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-43033

    An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input (received by the server) bei... Read more

    Affected Products : unitrends_backup
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-43032

    In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.... Read more

    Affected Products : xenforo
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-43030

    Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43029

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43028

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-43027

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execu... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43026

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43025

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43024

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43023

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43022

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43021

    Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is r... Read more

    Affected Products : windows premiere_rush
    • Published: Dec. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43019

    Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges ... Read more

    • Published: Nov. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-43018

    Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a ... Read more

    Affected Products : macos windows photoshop
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 4.2

    MEDIUM
    CVE-2021-43017

    Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of se... Read more

    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-43016

    Adobe InCopy version 16.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context... Read more

    Affected Products : macos windows incopy
    • Published: Nov. 22, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293554 Results