Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-34410

    A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.... Read more

    Affected Products : zoom_plugin_for_microsoft_outlook
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34409

    It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before... Read more

    Affected Products : rooms meetings screen_sharing
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34408

    The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link... Read more

    Affected Products : meetings
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2021-34406

    NVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a specific race condition can lead to a null pointer dereference, which may lead to a system reboot.... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34405

    NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service.... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2021-34404

    Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34403

    NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-34402

    NVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVDEC, where a user with high privileges might be able to read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service, Infor... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34401

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service.... Read more

    Affected Products : android shield_experience
    • Published: Jan. 18, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-34400

    NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.... Read more

    • Published: Nov. 20, 2021
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-34399

    NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.... Read more

    • Published: Nov. 20, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34398

    NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality ... Read more

    Affected Products : data_center_gpu_manager
    • Published: Aug. 13, 2021
    • Modified: Nov. 21, 2024

  • 2.3

    LOW
    CVE-2021-34397

    Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 3.0

    LOW
    CVE-2021-34396

    Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2021-34395

    Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and l... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-34394

    Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to informati... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-34393

    Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information d... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34392

    Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34391

    Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34390

    Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service.... Read more

    • Published: Jun. 22, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293299 Results