Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.7

    HIGH
    CVE-2021-33184

    Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.... Read more

    Affected Products : download_station
    • Published: Jun. 01, 2021
    • Modified: Nov. 21, 2024

  • 7.9

    HIGH
    CVE-2021-33183

    Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability container volume management component in Synology Docker before 18.09.0-0515 allows local users to read or write arbitrary files via unspecified vectors.... Read more

    Affected Products : docker
    • Published: Jun. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-33181

    Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station before 2.4.10-1632 allows remote authenticated users to send arbitrary request to intranet resources via unspecified vectors.... Read more

    Affected Products : video_station
    • Published: Jun. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-33180

    Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more

    Affected Products : media_server
    • Published: Jun. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-33179

    The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload.... Read more

    Affected Products : nagios_xi
    • Published: Oct. 14, 2021
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2021-33178

    The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local syste... Read more

    Affected Products : nagvis
    • Published: Oct. 14, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-33177

    The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrar... Read more

    Affected Products : nagios_xi
    • Published: Oct. 14, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33176

    VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, result... Read more

    Affected Products : vernemq
    • Published: Jun. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-33175

    EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in t... Read more

    Affected Products : emq_x_broker
    • Published: Jun. 08, 2021
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2021-33164

    Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    • Published: Nov. 11, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-33162

    Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-33161

    Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-33158

    Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-33157

    Insufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-33146

    Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable information disclosure via network access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-33145

    Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 6.0

    MEDIUM
    CVE-2021-33142

    Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-33141

    Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network access.... Read more

    Affected Products :
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-33118

    Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Nov. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-33106

    Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : safestring_library
    • Published: Nov. 17, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293344 Results