Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.9

MEDIUM

CVE-2021-38545

Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-op...

Affected Products : raspberry_pi_3_model_b\+_firmware raspberry_pi_4_model_b_firmware raspberry_pi_3_model_b\+ raspberry_pi_4_model_b
EPSS Score: %0.29

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
5.9

MEDIUM

CVE-2021-38544

Sony SRS-XB33 and SRS-XB43 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected ...

Affected Products : srs-xb33_firmware srs-xb43_firmware srs-xb33 srs-xb43
EPSS Score: %0.29

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
5.9

MEDIUM

CVE-2021-38543

TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-o...

Affected Products : ue330_firmware ue330
EPSS Score: %0.29

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
5.9

MEDIUM

CVE-2021-38542

Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information....

Affected Products : james
EPSS Score: %0.28

Published: Jan. 04, 2022

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-38540

The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information di...

Affected Products : airflow
EPSS Score: %89.91

Published: Sep. 09, 2021

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-38539

Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.2.126, R7000 before 1.0.9.42, R7000P before 1...

Affected Products : r6700_firmware r6900_firmware r6900p_firmware r7000_firmware r7000p_firmware r6400_firmware r7900_firmware d8500_firmware r7100lg_firmware r8300_firmware +14 more products
EPSS Score: %0.21

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
6.3

MEDIUM

CVE-2021-38538

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40...

Affected Products : r7800_firmware r8900_firmware r9000_firmware xr500_firmware d7800_firmware rax120_firmware rbk20_firmware rbr20_firmware rbs20_firmware rbk40_firmware +20 more products
EPSS Score: %0.25

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2021-38537

Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R69...

Affected Products : d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware ac2100_firmware +26 more products
EPSS Score: %0.20

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2021-38536

Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R69...

Affected Products : d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware ac2100_firmware +28 more products
EPSS Score: %0.33

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2021-38535

Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R69...

Affected Products : d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware ac2100_firmware +28 more products
EPSS Score: %0.36

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2021-38534

Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D85...

Affected Products : dgn2200_firmware d3600_firmware d6000_firmware d6200_firmware d7000_firmware jr6150_firmware pr2000_firmware r6020_firmware r6050_firmware r6080_firmware +76 more products
EPSS Score: %0.25

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2021-38533

NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS....

Affected Products : rax40_firmware rax40
EPSS Score: %0.29

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-38532

NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings....

Affected Products : wac104_firmware wac104
EPSS Score: %0.54

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-38531

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1....

Affected Products : d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware ac2100_firmware +14 more products
EPSS Score: %0.25

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-38530

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2...

Affected Products : rbk20_firmware rbr20_firmware rbs20_firmware rbk40_firmware rbr40_firmware rbs40_firmware rbk50_firmware rbr50_firmware rbs50_firmware rbs50y_firmware +10 more products
EPSS Score: %1.66

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-38529

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, and R9000 before 1.0.4.26....

Affected Products : r7800_firmware r8900_firmware r9000_firmware d7800_firmware d7800 r9000 r8900 r7800
EPSS Score: %1.47

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-38528

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P before 1.3.2.132, R7100LG before 1.0.0.64, WNDR3400v3 before 1.0.1.38, and XR300 before 1.0.3.56....

Affected Products : r6900p_firmware r7000p_firmware xr300_firmware d8500_firmware r7100lg_firmware wndr3400_firmware r7100lg d8500 r6900p r7000p +2 more products
EPSS Score: %2.93

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-38527

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, ...

Affected Products : r7800_firmware ex8000_firmware xr500_firmware rbs40v_firmware rbk752_firmware rbr750_firmware rbs750_firmware rbk852_firmware rbr850_firmware rbs850_firmware +58 more products
EPSS Score: %2.46

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-38526

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before 1.0.3.94, and RAX40 before 1.0.3.94....

Affected Products : rax35_firmware rax40_firmware rax38_firmware rax40 rax35 rax38
EPSS Score: %0.28

Published: Aug. 11, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-38525

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8...

Affected Products : r7800_firmware d3600_firmware d6000_firmware d6200_firmware d7000_firmware ex6200_firmware ex7000_firmware ex8000_firmware jr6150_firmware pr2000_firmware +42 more products
EPSS Score: %0.50

Published: Aug. 11, 2021

Modified: Nov. 21, 2024

Showing 20 of 291806 Results

Latest CVE Feed

5.9

5.9

5.9

5.9

9.8

8.8

6.3

4.8

4.8

4.8

4.8

5.4

7.2

7.2

10.0

9.8

10.0

10.0

7.5

7.2

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable