Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2021-40001

    The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40000

    The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.... Read more

    Affected Products : harmonyos
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3999

    A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program co... Read more

    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3997

    A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.... Read more

    Affected Products : enterprise_linux fedora systemd
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3996

    A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-wri... Read more

    Affected Products : fedora util-linux
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3995

    A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who... Read more

    Affected Products : fedora util-linux
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2021-3994

    django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : django-helpdesk
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3993

    showdoc is vulnerable to Cross-Site Request Forgery (CSRF)... Read more

    Affected Products : showdoc
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3992

    kimai2 is vulnerable to Improper Access Control... Read more

    Affected Products : kimai_2 kimai2
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3990

    showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)... Read more

    Affected Products : showdoc
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3989

    showdoc is vulnerable to URL Redirection to Untrusted Site... Read more

    Affected Products : showdoc
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2021-3985

    kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : kimai_2 kimai2 kimai2
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3984

    vim is vulnerable to Heap-based Buffer Overflow... Read more

    Affected Products : fedora debian_linux vim
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-3983

    kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : kimai_2 kimai2
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3982

    Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase it... Read more

    Affected Products : gnome-shell
    • Published: Apr. 29, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3981

    A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventuall... Read more

    Affected Products : fedora grub2
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3980

    elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor... Read more

    Affected Products : elgg
    • Published: Dec. 03, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3979

    A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and int... Read more

    • Published: Aug. 25, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3977

    invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : invoice_ninja
    • Published: Dec. 24, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3976

    kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)... Read more

    Affected Products : kimai_2 kimai2
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292916 Results