Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-3007

    Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Str... Read more

    Affected Products : laminas-http zend_framework
    • Published: Jan. 04, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3006

    The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.... Read more

    Affected Products : seal_finance
    • Published: Jan. 03, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-3005

    MK-AUTH through 19.01 K4.9 allows remote attackers to obtain sensitive information (e.g., a CPF number) via a modified titulo (aka invoice number) value to the central/recibo.php URI.... Read more

    Affected Products : mk-auth
    • Published: Jan. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3004

    The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect calculations. An attacker can obtain more yCREDIT tokens than they should.... Read more

    Affected Products : stableyieldcredit
    • Published: Jan. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-3003

    Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over cleartext HTTP, which allows man-in-the-middle attackers to spoof product updates.... Read more

    Affected Products : desktop_telematico
    • Published: May. 10, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-3002

    Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.... Read more

    Affected Products : seo_panel
    • Published: Jan. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-39999

    There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit c... Read more

    Affected Products : ese620x_vess_firmware ese620x_vess
    • Published: Jul. 12, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-39998

    There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-39997

    There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access.... Read more

    Affected Products : emui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-39996

    There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-39995

    Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R... Read more

    • Published: Nov. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-39994

    There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.... Read more

    Affected Products : emui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-39993

    There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.... Read more

    Affected Products : emui magic_ui
    • Published: Jan. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-39992

    There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.... Read more

    Affected Products : emui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39991

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39986

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-39982

    Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-39981

    Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-39980

    Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-39979

    HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292818 Results