Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2021-40577

    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.... Read more

    • Published: Nov. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40576

    The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40575

    The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-4... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40573

    The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40572

    The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-40571

    The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-40570

    The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40569

    The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-40568

    A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40567

    Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 13, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40566

    A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40565

    A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40564

    A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40563

    A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40562

    A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-40559

    A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.... Read more

    Affected Products : gpac
    • Published: Jan. 12, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40556

    A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the s... Read more

    Affected Products : rt-ax56u_firmware rt-ax56u
    • Published: Oct. 06, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40553

    piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor.... Read more

    Affected Products : piwigo
    • Published: Jun. 28, 2022
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-40546

    Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.... Read more

    Affected Products : ac6_firmware ac6
    • Published: Sep. 05, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-40543

    Opensis-Classic Version 8.0 is affected by a SQL injection vulnerability due to a lack of sanitization of input data at two parameters $_GET['usrid'] and $_GET['prof_id'] in the PasswordCheck.php file.... Read more

    Affected Products : opensis
    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293299 Results