Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2021-28500

    An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.... Read more

    Affected Products : eos
    • EPSS Score: %0.31
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-28499

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post rel... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.04
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.7

    HIGH
    CVE-2021-28498

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operat... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.09
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-28497

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arist... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.05
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-28496

    On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outpu... Read more

    Affected Products : eos
    • EPSS Score: %0.09
    • Published: Oct. 21, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-28495

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.39
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2021-28494

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.29
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2021-28493

    In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating Sy... Read more

    Affected Products : metamako_operating_system 7130
    • EPSS Score: %0.04
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-28492

    Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format.... Read more

    Affected Products : stealth
    • EPSS Score: %0.26
    • Published: Apr. 20, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-28490

    In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token.... Read more

    Affected Products : csrfguard
    • EPSS Score: %0.15
    • Published: Aug. 19, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-28488

    Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve manage... Read more

    Affected Products : network_manager
    • EPSS Score: %0.63
    • Published: Mar. 10, 2022
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-28485

    In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not inten... Read more

    • EPSS Score: %0.36
    • Published: Sep. 14, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28484

    An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuc... Read more

    Affected Products : fedora yubihsm_connector
    • EPSS Score: %0.56
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2021-28483

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.58
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-28482

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • EPSS Score: %54.67
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-28481

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • EPSS Score: %3.80
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-28480

    Microsoft Exchange Server Remote Code Execution Vulnerability... Read more

    Affected Products : exchange_server
    • EPSS Score: %67.80
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-28479

    Windows CSC Service Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.28
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-28477

    Visual Studio Code Remote Code Execution Vulnerability... Read more

    Affected Products : visual_studio_code
    • EPSS Score: %1.42
    • Published: Apr. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2021-28476

    Windows Hyper-V Remote Code Execution Vulnerability... Read more

    • EPSS Score: %63.20
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291058 Results