Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2021-37557

    A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php ... Read more

    Affected Products : centreon
    • EPSS Score: %34.33
    • Published: Aug. 03, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-37556

    A SQL injection vulnerability in reporting export in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/reporting/dashboard/csvExport/csv_HostGroupLog... Read more

    Affected Products : centreon
    • EPSS Score: %34.33
    • Published: Aug. 03, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-37555

    TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then downl... Read more

    • EPSS Score: %0.37
    • Published: Jul. 26, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-37554

    In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-37553

    In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-37552

    In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.01
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-37551

    In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-37550

    In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-37549

    In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-37548

    In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-37547

    In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-37546

    In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-37545

    In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-37544

    In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.02
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-37543

    In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects.... Read more

    Affected Products : rubymine
    • EPSS Score: %0.01
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-37542

    In JetBrains TeamCity before 2020.2.3, XSS was possible.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-37541

    In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.... Read more

    Affected Products : hub
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-37540

    In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.... Read more

    Affected Products : hub
    • EPSS Score: %0.00
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-37539

    Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.... Read more

    Affected Products : manageengine_admanager_plus
    • EPSS Score: %38.22
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-37538

    Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive contr... Read more

    Affected Products : smartblog
    • EPSS Score: %84.26
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291736 Results