Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2021-42227

    Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).... Read more

    Affected Products : kind_editor kindeditor
    • Published: Oct. 14, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42224

    SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php.... Read more

    Affected Products : ifsc_code_finder ifsc_code_finder
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-42223

    Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php.... Read more

    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-42220

    A Cross Site Scripting (XSS) vulnerability exists in Dolibarr before 14.0.3 via the ticket creation flow. Exploitation requires that an admin copies the payload into a box.... Read more

    Affected Products : dolibarr_erp\/crm dolibarr
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-42219

    Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing memory in the component /ethash/algorithm.go.... Read more

    Affected Products : go_ethereum
    • Published: Mar. 17, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-42218

    OMPL v1.5.2 contains a memory leak in VFRRT.cpp... Read more

    Affected Products : open_motion_planning_library
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42216

    A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.... Read more

    Affected Products : anonaddy
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42204

    An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42203

    An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-42202

    An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42201

    An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-42200

    An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42199

    An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-42198

    An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42197

    An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-42196

    An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-42195

    An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution.... Read more

    Affected Products : swftools
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-42194

    The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's input directly into the simplexml_ load_ String function, which itself does not prohibit external entities, triggering a XML external entity (XXE) injection v... Read more

    Affected Products : eyoucms
    • Published: Mar. 20, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-42192

    Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.... Read more

    Affected Products : konga
    • Published: May. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-42185

    wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function.... Read more

    Affected Products : wdja
    • Published: May. 04, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293562 Results