Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2021-29362

    A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

    Affected Products : irfanview
    • EPSS Score: 0.65%
    • Published: Sep. 28, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29361

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

    Affected Products : irfanview
    • EPSS Score: 0.65%
    • Published: Sep. 28, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29360

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

    Affected Products : irfanview
    • EPSS Score: 0.65%
    • Published: Sep. 28, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-29358

    A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.

    Affected Products : irfanview
    • EPSS Score: 0.19%
    • Published: Sep. 28, 2021
    • Modified: Nov. 21, 2024
  • 8.6

    HIGH
    CVE-2021-29357

    The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.

    • EPSS Score: 0.25%
    • Published: Apr. 12, 2021
    • Modified: Nov. 21, 2024
  • 7.2

    HIGH
    CVE-2021-29350

    SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php.

    • EPSS Score: 0.52%
    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2021-29349

    Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that allows a remote attacker to remove inbox-mail on the server. The application fails to validate the CSRF token for a POST request. An attacker can craft a module/multirecipientnotification/...

    Affected Products : mahara
    • EPSS Score: 0.57%
    • Published: Mar. 31, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-29343

    Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" parameter of index.php. The "checkbox" property into "text" data can be extracted and displayed in the text region or in source code.

    Affected Products : ovidentia
    • EPSS Score: 0.19%
    • Published: Mar. 30, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-29338

    Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

    Affected Products : fedora openjpeg debian_linux
    • EPSS Score: 0.09%
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29337

    MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.

    Affected Products : dragon_center
    • EPSS Score: 0.09%
    • Published: Jun. 21, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29329

    OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.18%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2021-29328

    OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.17%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29327

    OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.18%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29326

    OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.18%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29325

    OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.18%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-29324

    OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.18%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2021-29323

    OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c.

    Affected Products : moddable moddable_sdk
    • EPSS Score: 0.15%
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2021-29313

    Cross Site Scripting (XSS) vulnerability exists in SeaCMS 12.6 via the (1) v_company and (2) v_tvs parameters in /admin_video.php,...

    Affected Products : seacms
    • EPSS Score: 0.20%
    • Published: Aug. 17, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-29302

    TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may ...

    Affected Products : tl-wr802n_firmware tl-wr802n
    • EPSS Score: 10.97%
    • Published: Apr. 12, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2021-29300

    The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input.

    Affected Products : opened
    • EPSS Score: 38.18%
    • Published: May. 24, 2021
    • Modified: Nov. 21, 2024