Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-32274

    An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.... Read more

    Affected Products : debian_linux faad2
    • EPSS Score: %0.15
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32273

    An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.... Read more

    Affected Products : debian_linux faad2
    • EPSS Score: %0.13
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32272

    An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.... Read more

    Affected Products : debian_linux faad2
    • EPSS Score: %0.19
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32271

    An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.... Read more

    Affected Products : gpac
    • EPSS Score: %0.45
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32270

    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : gpac
    • EPSS Score: %0.15
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-32269

    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.... Read more

    Affected Products : gpac
    • EPSS Score: %0.15
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32268

    Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.... Read more

    Affected Products : gpac
    • EPSS Score: %0.74
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-32265

    An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.... Read more

    Affected Products : bento4
    • EPSS Score: %0.64
    • Published: Sep. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-32263

    ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c.... Read more

    Affected Products : ok-file-formats
    • EPSS Score: %0.21
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-32256

    An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.... Read more

    Affected Products : binutils
    • EPSS Score: %0.12
    • Published: Jul. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-32245

    In PageKit v1.0.18, a user can upload SVG files in the file upload portion of the CMS. These SVG files can contain malicious scripts. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the websi... Read more

    Affected Products : pagekit
    • EPSS Score: %0.19
    • Published: Jun. 16, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-32244

    Cross Site Scripting (XSS) in Moodle 3.10.3 allows remote attackers to execute arbitrary web script or HTML via the "Description" field.... Read more

    Affected Products : moodle
    • EPSS Score: %0.13
    • Published: Jun. 16, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-32243

    FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).... Read more

    Affected Products : fogproject
    • EPSS Score: %0.47
    • Published: Jun. 16, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-32238

    Epic Games / Psyonix Rocket League <=1.95 is affected by Buffer Overflow. Stack-based buffer overflow occurs when Rocket League handles UPK object files that can result in code execution and denial of service scenario.... Read more

    Affected Products : rocket_league
    • EPSS Score: %0.63
    • Published: May. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32234

    SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.... Read more

    Affected Products : smartermail
    • EPSS Score: %3.07
    • Published: Nov. 17, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-32233

    SmarterTools SmarterMail before Build 7776 allows XSS.... Read more

    Affected Products : smartermail
    • EPSS Score: %0.28
    • Published: Jul. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-32202

    In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulating the "post description" filed in the blog post creation page.... Read more

    Affected Products : cs-cart
    • EPSS Score: %0.24
    • Published: Sep. 14, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32198

    EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does no... Read more

    Affected Products : zoc
    • EPSS Score: %0.57
    • Published: Jun. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-32172

    Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.... Read more

    Affected Products : maian_cart
    • EPSS Score: %70.44
    • Published: Oct. 07, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-32162

    A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.... Read more

    Affected Products : webmin
    • EPSS Score: %8.02
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292124 Results