Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2021-38634

Microsoft Windows Update Client Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_server_2022 windows_10_1507 windows_10_21h1 windows_10_1909 +2 more products
EPSS Score: %0.35

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38633

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
EPSS Score: %0.43

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
5.7

MEDIUM

CVE-2021-38632

BitLocker Security Feature Bypass Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_server_2022 windows_10_21h1 windows_10_1909 windows_server_20h2 +1 more products
EPSS Score: %0.48

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
4.4

MEDIUM

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products
EPSS Score: %0.35

Published: Nov. 10, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38630

Windows Event Tracing Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products
EPSS Score: %0.24

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2021-38629

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
EPSS Score: %14.18

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38628

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products
EPSS Score: %0.33

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38626

Windows Kernel Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2008_sp2
EPSS Score: %0.25

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38625

Windows Kernel Elevation of Privilege Vulnerability...

Affected Products : windows_server_2008 windows_server_2008_sp2
EPSS Score: %0.25

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2021-38624

Windows Key Storage Provider Security Feature Bypass Vulnerability...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_server_2022 windows_11_21h2 windows_10_21h1 windows_10_1909 windows_server_20h2 +1 more products
EPSS Score: %0.47

Published: Sep. 15, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-38623

The deferred_image_processing (aka Deferred image processing) extension before 1.0.2 for TYPO3 allows Denial of Service via the FAL API because of /var/transient disk consumption....

Affected Products : deferred_image_processing
EPSS Score: %0.39

Published: Aug. 13, 2021

Modified: Nov. 21, 2024
9.1

CRITICAL

CVE-2021-38621

The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat Server before 2021-07-30 mishandles file ownership....

Affected Products : flat_server
EPSS Score: %0.28

Published: Aug. 13, 2021

Modified: Nov. 21, 2024
6.1

MEDIUM

CVE-2021-38619

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting (XSS) attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/...

Affected Products : openbaraza_human_capital_management
EPSS Score: %5.36

Published: Aug. 13, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-38614

Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer overflow during parsing of a Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Affected Products : polipo
EPSS Score: %0.45

Published: Aug. 12, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-38613

The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution....

Affected Products : remkon_device_manager
EPSS Score: %8.94

Published: Aug. 24, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-38612

In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL....

Affected Products : remkon_device_manager
EPSS Score: %0.44

Published: Aug. 24, 2021

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2021-38611

A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php....

Affected Products : remkon_device_manager
EPSS Score: %3.68

Published: Aug. 24, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-38608

Incorrect Access Control in Tranquil WAPT Enterprise - before 1.8.2.7373 and before 2.0.0.9450 allows guest OS users to escalate privileges via WAPT Agent....

Affected Products : wapt
EPSS Score: %0.04

Published: Aug. 16, 2021

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2021-38607

Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated users via a custom form input....

Affected Products : jetengine
EPSS Score: %0.21

Published: Aug. 16, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-38606

reNgine through 0.5 relies on a predictable directory name....

Affected Products : rengine rengine
EPSS Score: %0.43

Published: Aug. 12, 2021

Modified: Nov. 21, 2024

Showing 20 of 292508 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

5.7

4.4

7.8

6.5

7.8

7.8

7.8

6.5

7.5

9.1

6.1

7.5

10.0

7.5

10.0

7.8

5.4

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable