Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-38690

    A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following ver... Read more

    Affected Products : qvr_elite qvr_guard qvr_pro
    • EPSS Score: %1.21
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38689

    A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following ver... Read more

    Affected Products : qvr_elite qvr_guard qvr_pro
    • EPSS Score: %1.21
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-38688

    An improper authentication vulnerability has been reported to affect Android App Qfile. If exploited, this vulnerability allows attackers to compromise app and access information We have already fixed this vulnerability in the following versions of Qfile:... Read more

    Affected Products : qfile
    • EPSS Score: %0.21
    • Published: Dec. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38687

    A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Sur... Read more

    Affected Products : qts surveillance_station
    • EPSS Score: %0.81
    • Published: Dec. 29, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-38686

    An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QV... Read more

    Affected Products : qvr
    • EPSS Score: %0.28
    • Published: Nov. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38685

    A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6... Read more

    Affected Products : qvr
    • EPSS Score: %1.13
    • Published: Nov. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38684

    A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multi... Read more

    Affected Products : multimedia_console
    • EPSS Score: %0.81
    • Published: Nov. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38682

    A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following ver... Read more

    Affected Products : qvr_elite qvr_guard qvr_pro
    • EPSS Score: %1.21
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-38681

    A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from... Read more

    Affected Products : ragic_cloud_db nas
    • EPSS Score: %0.25
    • Published: Nov. 20, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-38680

    A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Kazoo Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions ... Read more

    Affected Products : kazoo_server
    • EPSS Score: %0.23
    • Published: Dec. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-38679

    An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versi... Read more

    Affected Products : kazoo_server
    • EPSS Score: %0.20
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-38678

    An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the follo... Read more

    Affected Products : qcalagent
    • EPSS Score: %0.17
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-38677

    A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of ... Read more

    Affected Products : qcalagent
    • EPSS Score: %0.32
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-38675

    A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of ... Read more

    Affected Products : image2pdf nas
    • EPSS Score: %0.13
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-38674

    A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Q... Read more

    Affected Products : quts_hero qts qutscloud
    • EPSS Score: %0.19
    • Published: Jan. 07, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2021-38672

    Windows Hyper-V Remote Code Execution Vulnerability... Read more

    • EPSS Score: %0.48
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-38671

    Windows Print Spooler Elevation of Privilege Vulnerability... Read more

    • EPSS Score: %0.43
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-38669

    Microsoft Edge (Chromium-based) Tampering Vulnerability... Read more

    Affected Products : edge edge_chromium
    • EPSS Score: %0.46
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-38667

    Windows Print Spooler Elevation of Privilege Vulnerability... Read more

    • EPSS Score: %0.43
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-38666

    Remote Desktop Client Remote Code Execution Vulnerability... Read more

    • EPSS Score: %18.95
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291812 Results