Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-33823

    An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.... Read more

    Affected Products : mgate_mb3180_firmware mgate_mb3180
    • EPSS Score: %0.54
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33822

    An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then t... Read more

    • EPSS Score: %0.56
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33820

    An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.... Read more

    • EPSS Score: %0.56
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33818

    An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted... Read more

    • EPSS Score: %0.56
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33816

    The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shell_exec are blocked but backticks are not blocked.... Read more

    Affected Products : dolibarr_erp\/crm
    • EPSS Score: %2.57
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-33815

    dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.12
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33813

    An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.... Read more

    • EPSS Score: %0.06
    • Published: Jun. 16, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33807

    Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.... Read more

    Affected Products : gespage
    • EPSS Score: %75.89
    • Published: Jul. 12, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33806

    The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of its use of Java serialization.... Read more

    Affected Products : bdlib
    • EPSS Score: %6.86
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33800

    In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal.... Read more

    Affected Products : druid
    • EPSS Score: %0.42
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-33798

    A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file. ... Read more

    Affected Products : libpano13
    • EPSS Score: %0.06
    • Published: Jul. 07, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-33796

    In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service. ... Read more

    Affected Products : mujs
    • EPSS Score: %0.08
    • Published: Jul. 07, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-33795

    Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.02
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-33794

    Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.03
    • Published: Aug. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33793

    Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.03
    • Published: Aug. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-33792

    Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary.... Read more

    Affected Products : foxit_reader phantompdf
    • EPSS Score: %0.04
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33790

    The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with ... Read more

    Affected Products : minecraft reborncore
    • EPSS Score: %5.43
    • Published: May. 31, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33788

    Windows LSA Denial of Service Vulnerability... Read more

    • EPSS Score: %4.34
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-33786

    Windows LSA Security Feature Bypass Vulnerability... Read more

    • EPSS Score: %1.15
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33785

    Windows AF_UNIX Socket Provider Denial of Service Vulnerability... Read more

    • EPSS Score: %4.34
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291551 Results