Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-31917

    A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass authentication on all REST endpoints when DIGEST is used as the authentication method. The highest threat from this v... Read more

    Affected Products : data_grid infinispan-server-rest
    • EPSS Score: %0.43
    • Published: Sep. 21, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-31916

    An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain acc... Read more

    • EPSS Score: %0.02
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-31915

    In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.16
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-31914

    In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.... Read more

    Affected Products : windows teamcity
    • EPSS Score: %0.04
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31913

    In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-31912

    In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-31911

    In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31910

    In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-31909

    In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.15
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-31908

    In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-31907

    In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-31906

    In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31905

    In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-31904

    In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-31903

    In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31902

    In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31901

    In JetBrains Hub before 2021.1.13079, two-factor authentication wasn't enabled properly for the All Users group.... Read more

    Affected Products : hub
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-31900

    In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host.... Read more

    Affected Products : code_with_me
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-31899

    In JetBrains Code With Me bundled to the compatible IDEs before version 2021.1, the client could execute code in read-only mode.... Read more

    Affected Products : code_with_me
    • EPSS Score: %0.01
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31898

    In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS.... Read more

    Affected Products : webstorm
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292316 Results