Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-3823

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender Gra... Read more

    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3822

    jsoneditor is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : jsoneditor
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3820

    inflect is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : inflect
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-3819

    firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)... Read more

    Affected Products : firefly_iii
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-3818

    grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking... Read more

    Affected Products : grav
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-3817

    wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command... Read more

    Affected Products : wbce_cms
    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-3816

    Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php.... Read more

    Affected Products : cacti
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-3815

    utils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Read more

    Affected Products : utils.js
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3814

    It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure.... Read more

    Affected Products : 3scale
    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3813

    Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.... Read more

    Affected Products : chatwoot
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-3812

    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : web_interface
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-3811

    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : web_interface
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3810

    code-server is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : code-server
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3807

    ansi-regex is vulnerable to Inefficient Regular Expression Complexity... Read more

    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-3806

    A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.... Read more

    Affected Products : pardus_software_center parduslinux
    • Published: Sep. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3805

    object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Read more

    Affected Products : debian_linux object-path
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3804

    taro is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : taro
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3803

    nth-check is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : debian_linux nth-check
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-3802

    A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.... Read more

    Affected Products : enterprise_linux fedora udisks
    • Published: Nov. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3801

    prism is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : prism
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293246 Results