Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2021-28876

    In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a mem... Read more

    Affected Products : fedora rust
    • EPSS Score: %0.09
    • Published: Apr. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28875

    In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.... Read more

    Affected Products : rust
    • EPSS Score: %0.20
    • Published: Apr. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-28874

    SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file.... Read more

    Affected Products : serenityos serenity
    • EPSS Score: %0.38
    • Published: Apr. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-28861

    Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.... Read more

    Affected Products : fedora python
    • EPSS Score: %0.56
    • Published: Aug. 23, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-28860

    In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availabi... Read more

    Affected Products : mixme
    • EPSS Score: %1.16
    • Published: May. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-28858

    TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.... Read more

    Affected Products : tl-wpa4220_firmware tl-wpa4220
    • EPSS Score: %0.02
    • Published: Jun. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28857

    TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.... Read more

    Affected Products : tl-wpa4220_firmware tl-wpa4220
    • EPSS Score: %0.32
    • Published: Jun. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-28856

    In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.... Read more

    Affected Products : deark
    • EPSS Score: %0.16
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-28855

    In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).... Read more

    Affected Products : deark
    • EPSS Score: %0.16
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28848

    Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not ... Read more

    Affected Products : mintty
    • EPSS Score: %0.56
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28847

    MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls.... Read more

    Affected Products : mobaxterm
    • EPSS Score: %0.47
    • Published: Jun. 03, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-28846

    A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling... Read more

    • EPSS Score: %0.31
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28845

    Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi ... Read more

    • EPSS Score: %0.34
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28844

    Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi via a do_graph_auth action without a session_id key.... Read more

    • EPSS Score: %0.34
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28843

    Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi with an unknown action name.... Read more

    • EPSS Score: %0.34
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28842

    Null Pointer Deference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial os service by sending the POST request to apply_cgi vi... Read more

    • EPSS Score: %0.34
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28841

    Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to apply_cgi via an ac... Read more

    • EPSS Score: %0.34
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28840

    Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the u... Read more

    • EPSS Score: %1.04
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28839

    Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the u... Read more

    • EPSS Score: %0.56
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-28838

    Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in ... Read more

    • EPSS Score: %1.04
    • Published: Aug. 10, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291617 Results