Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 8.8

    HIGH
    CVE-2021-3785

    yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : yourls
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
  • 7.0

    HIGH
    CVE-2021-3784

    Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an ass...

    Affected Products : garuda_linux
    • Published: Oct. 04, 2023
    • Modified: Nov. 21, 2024
  • 6.6

    MEDIUM
    CVE-2021-3783

    yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : yourls
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
  • 9.9

    CRITICAL
    CVE-2021-3781

    A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the cont...

    Affected Products : fedora ghostscript
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024
  • 7.6

    HIGH
    CVE-2021-3780

    peertube is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : peertube
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2021-3779

    A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later....

    Affected Products : ruby-mysql
    • Published: Jun. 28, 2022
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-3778

    vim is vulnerable to Heap-based Buffer Overflow...

    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-3777

    nodejs-tmpl is vulnerable to Inefficient Regular Expression Complexity...

    Affected Products : tmpl
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024
  • 5.8

    MEDIUM
    CVE-2021-3776

    showdoc is vulnerable to Cross-Site Request Forgery (CSRF)...

    Affected Products : showdoc
    • Published: Nov. 13, 2021
    • Modified: Nov. 21, 2024
  • 5.8

    MEDIUM
    CVE-2021-3775

    showdoc is vulnerable to Cross-Site Request Forgery (CSRF)...

    Affected Products : showdoc
    • Published: Nov. 13, 2021
    • Modified: Nov. 21, 2024
  • 7.4

    HIGH
    CVE-2021-3774

    Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the pas...

    Affected Products : mss550x_firmware mss550x
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2021-3772

    A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP address...

    • Published: Mar. 02, 2022
    • Modified: Nov. 21, 2024
  • 8.6

    HIGH
    CVE-2021-3770

    vim is vulnerable to Heap-based Buffer Overflow...

    • Published: Sep. 06, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-3769

    # Vulnerability in `pygmalion`, `pygmalion-virtualenv` and `refined` themes **Description**: these themes use `print -P` on user-supplied strings to print them to the terminal. All of them do that on git information, particularly the branch name, so if th...

    Affected Products : oh_my_zsh
    • Published: Nov. 30, 2021
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2021-3768

    bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : bookstack
    • Published: Sep. 06, 2021
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2021-3767

    bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

    Affected Products : bookstack
    • Published: Sep. 06, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-3766

    objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...

    Affected Products : objection
    • Published: Sep. 06, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-3765

    validator.js is vulnerable to Inefficient Regular Expression Complexity...

    Affected Products : validator
    • Published: Nov. 02, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-3764

    A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system avail...

    Affected Products : linux_kernel
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024
  • 4.3

    MEDIUM
    CVE-2021-3763

    A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not allow access to the management console. The main impact...

    Affected Products : amq_broker
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024