Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2021-3813

    Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.... Read more

    Affected Products : chatwoot
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-3812

    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : web_interface
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-3811

    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more

    Affected Products : web_interface
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3810

    code-server is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : code-server
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3807

    ansi-regex is vulnerable to Inefficient Regular Expression Complexity... Read more

    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-3806

    A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.... Read more

    Affected Products : pardus_software_center parduslinux
    • Published: Sep. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3805

    object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Read more

    Affected Products : debian_linux object-path
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-3804

    taro is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : taro
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3803

    nth-check is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : debian_linux nth-check
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-3802

    A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.... Read more

    Affected Products : enterprise_linux fedora udisks
    • Published: Nov. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3801

    prism is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : prism
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3800

    A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.... Read more

    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2021-3799

    grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames... Read more

    Affected Products : grav-plugin-admin
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3798

    A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key... Read more

    Affected Products : opencryptoki
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-3797

    hestiacp is vulnerable to Use of Wrong Operator in String Comparison... Read more

    Affected Products : control_panel
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2021-3796

    vim is vulnerable to Use After Free... Read more

    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3795

    semver-regex is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : semver-regex
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-3794

    vuelidate is vulnerable to Inefficient Regular Expression Complexity... Read more

    Affected Products : vuelidate
    • Published: Sep. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-3793

    An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosu... Read more

    • Published: Nov. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-3792

    Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker.... Read more

    • Published: Nov. 12, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293509 Results