Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2021-40400

    An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). A specially-crafted Gerber file can lead to information di... Read more

    Affected Products : gerbv
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40399

    An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide ... Read more

    Affected Products : wps_office wps_office
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-40398

    An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.... Read more

    Affected Products : imagegear
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40397

    A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trig... Read more

    Affected Products : wise-paas\/ota
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40396

    A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger... Read more

    Affected Products : deviceon\/iservice
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-40394

    An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code executi... Read more

    Affected Products : debian_linux gerbv
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-40393

    An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code executi... Read more

    Affected Products : debian_linux gerbv
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40392

    An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.... Read more

    Affected Products : mxview
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-40391

    An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attack... Read more

    Affected Products : fedora debian_linux gerbv
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-40390

    An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.... Read more

    Affected Products : mxview
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40389

    A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to tri... Read more

    Affected Products : deviceon\/iedge
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-40388

    A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.... Read more

    Affected Products : sq_manager
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-40387

    An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution.... Read more

    Affected Products : unitrends_backup_software
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-40386

    Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : unitrends_backup
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-40385

    An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin.... Read more

    Affected Products : unitrends_backup_software
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40382

    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. mjpegStreamer.cgi allows video screenshot access.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40381

    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. index_MJpeg.cgi allows video access.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40380

    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-40379

    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2021-40378

    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293298 Results