Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2021-31540

    Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application serv... Read more

    Affected Products : streaming_engine
    • EPSS Score: %0.04
    • Published: Apr. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-31539

    Wowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.... Read more

    Affected Products : streaming_engine
    • EPSS Score: %0.02
    • Published: Apr. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-31538

    LANCOM R&S Unified Firewall (UF) devices running LCOS FX 10.5 allow Relative Path Traversal.... Read more

    Affected Products : lcos_fx uf-160 uf-260 uf-500 uf-60 uf-910
    • EPSS Score: %0.42
    • Published: Jun. 10, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-31537

    SIS SIS-REWE Go before 7.7 SP17 allows XSS: rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).... Read more

    Affected Products : sis-rewe_go
    • EPSS Score: %72.05
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-31535

    LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests wi... Read more

    Affected Products : fedora libx11 x_window_system
    • EPSS Score: %2.60
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-31532

    NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocume... Read more

    • EPSS Score: %0.06
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2021-31525

    net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.... Read more

    Affected Products : fedora go
    • EPSS Score: %0.01
    • Published: May. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31523

    The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics l... Read more

    Affected Products : xscreensaver
    • EPSS Score: %0.04
    • Published: Apr. 21, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-31522

    Kylin can receive user input and load any class through Class.forName(...). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions.... Read more

    Affected Products : kylin
    • EPSS Score: %5.80
    • Published: Jan. 06, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-31521

    Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product's Captive Portal.... Read more

    • EPSS Score: %0.40
    • Published: Jun. 17, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-31520

    A weak session token authentication bypass vulnerability in Trend Micro IM Security 1.6 and 1.6.5 could allow an remote attacker to guess currently logged-in administrators' session session token in order to gain access to the product's web management int... Read more

    Affected Products : im_security
    • EPSS Score: %1.50
    • Published: May. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-31519

    An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code... Read more

    Affected Products : windows housecall_for_home_networks
    • EPSS Score: %0.09
    • Published: May. 12, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31518

    Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to... Read more

    Affected Products : home_network_security
    • EPSS Score: %0.69
    • Published: May. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31517

    Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to... Read more

    Affected Products : home_network_security
    • EPSS Score: %0.69
    • Published: May. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31516

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja 2.3.2660 (Build ID 88f343c3). User interaction is required to exploit this vulnerability in that the target must visit a malicious pag... Read more

    Affected Products : binary_ninja
    • EPSS Score: %1.32
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31515

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja 2.3.2660 (Build ID 88f343c3). User interaction is required to exploit this vulnerability in that the target must visit a malicious pag... Read more

    Affected Products : binary_ninja
    • EPSS Score: %1.32
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31514

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ... Read more

    Affected Products : brava\!_desktop
    • EPSS Score: %0.48
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31513

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ... Read more

    Affected Products : brava\!_desktop
    • EPSS Score: %0.48
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31512

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ... Read more

    Affected Products : brava\!_desktop
    • EPSS Score: %0.48
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-31511

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ... Read more

    Affected Products : brava\!_desktop
    • EPSS Score: %0.48
    • Published: Jun. 29, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292650 Results