Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-32969

    Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code.... Read more

    Affected Products : diascreen
    • EPSS Score: %0.21
    • Published: May. 24, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32968

    Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.... Read more

    • EPSS Score: %0.96
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-32967

    Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges.... Read more

    Affected Products : diaenergie
    • EPSS Score: %0.26
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32966

    Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which ... Read more

    Affected Products : interoperability_solution_xds
    • EPSS Score: %0.10
    • Published: May. 25, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32965

    Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.... Read more

    Affected Products : diascreen
    • EPSS Score: %0.21
    • Published: May. 24, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-32964

    The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal attack, which may allow an attacker to read arbitrary files from the file system.... Read more

    Affected Products : webserver
    • EPSS Score: %0.18
    • Published: May. 24, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32963

    Null pointer dereference in SuiteLink server while processing commands 0x03/0x10... Read more

    Affected Products : suitelink
    • EPSS Score: %0.46
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2021-32962

    The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to cross-site scripting, which may allow an attacker to remotely execute arbitrary code.... Read more

    Affected Products : webserver
    • EPSS Score: %0.23
    • Published: May. 24, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32961

    A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an optional parameter, resulting in the processing of a request in a special manner. This can result in the execution of an unzip command and place a malicious .exe fil... Read more

    • EPSS Score: %0.34
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32959

    Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06... Read more

    Affected Products : suitelink
    • EPSS Score: %0.64
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32958

    Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session toke... Read more

    Affected Products : secure_remote_access
    • EPSS Score: %0.04
    • Published: May. 23, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32957

    A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent proces... Read more

    • EPSS Score: %0.16
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-32956

    Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.... Read more

    Affected Products : webaccess\/scada
    • EPSS Score: %0.16
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32955

    Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an attacker to remotely execute code.... Read more

    Affected Products : diaenergie
    • EPSS Score: %0.57
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-32954

    Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.... Read more

    Affected Products : webaccess\/scada
    • EPSS Score: %0.21
    • Published: Jun. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32953

    An attacker could utilize SQL commands to create a new user MDT AutoSave versions prior to v6.02.06 and update the user’s permissions, granting the attacker the ability to login.... Read more

    • EPSS Score: %0.21
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32952

    An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and all... Read more

    • EPSS Score: %0.25
    • Published: Jun. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-32951

    WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices manag... Read more

    Affected Products : webaccess\/nms
    • EPSS Score: %0.13
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-32950

    An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and all... Read more

    • EPSS Score: %0.32
    • Published: Jun. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-32949

    An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file.... Read more

    • EPSS Score: %0.28
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292508 Results