Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2021-34616

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %1.74
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34615

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %1.74
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34614

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %1.74
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34613

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %1.74
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34612

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %1.74
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-34611

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %2.45
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-34610

    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %3.30
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-34609

    A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.... Read more

    Affected Products : clearpass_policy_manager
    • EPSS Score: %0.61
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-34606

    A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential at... Read more

    Affected Products : xd\/e_series_plc_program_tool
    • EPSS Score: %0.06
    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-34605

    A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infec... Read more

    Affected Products : xd\/e_series_plc_program_tool
    • EPSS Score: %0.31
    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-34602

    In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges.... Read more

    • EPSS Score: %4.75
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-34601

    In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to ... Read more

    • EPSS Score: %0.41
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34600

    Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.... Read more

    Affected Products : compasx
    • EPSS Score: %0.12
    • Published: Jan. 20, 2022
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-34599

    Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS cert... Read more

    Affected Products : development_system git
    • EPSS Score: %0.09
    • Published: Dec. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-34598

    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active... Read more

    • EPSS Score: %0.27
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34597

    Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.... Read more

    Affected Products : pc_worx pc_worx_express
    • EPSS Score: %0.16
    • Published: Nov. 04, 2021
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2021-34594

    TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system.... Read more

    • EPSS Score: %0.57
    • Published: Nov. 04, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-34592

    In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields.... Read more

    • EPSS Score: %2.11
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34591

    In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd.... Read more

    • EPSS Score: %0.13
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-34590

    In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.... Read more

    • EPSS Score: %0.68
    • Published: Apr. 27, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291221 Results