Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-27383

    A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMA... Read more

    • EPSS Score: %0.44
    • Published: May. 12, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27382

    A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when pars... Read more

    • EPSS Score: %0.67
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27381

    A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of b... Read more

    • EPSS Score: %0.42
    • Published: Mar. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27380

    A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of b... Read more

    • EPSS Score: %0.36
    • Published: Mar. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27379

    An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and... Read more

    Affected Products : debian_linux xen
    • EPSS Score: %0.07
    • Published: Feb. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-27378

    An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.... Read more

    Affected Products : rand_core
    • EPSS Score: %0.47
    • Published: Feb. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-27377

    An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free.... Read more

    Affected Products : yottadb
    • EPSS Score: %0.51
    • Published: Feb. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-27376

    An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.... Read more

    Affected Products : nb-connect
    • EPSS Score: %0.43
    • Published: Feb. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-27375

    Traefik before 2.4.5 allows the loading of IFRAME elements from other domains.... Read more

    Affected Products : traefik
    • EPSS Score: %0.20
    • Published: Feb. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-27374

    VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation."... Read more

    Affected Products : weboffice
    • EPSS Score: %0.28
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-27372

    Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.... Read more

    • EPSS Score: %0.32
    • Published: Mar. 25, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-27371

    The Contact page in Monica 2.19.1 allows stored XSS via the Description field.... Read more

    Affected Products : monica
    • EPSS Score: %0.17
    • Published: Feb. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-27370

    The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field.... Read more

    Affected Products : monica
    • EPSS Score: %0.30
    • Published: Feb. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-27369

    The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field.... Read more

    Affected Products : monica
    • EPSS Score: %0.19
    • Published: Feb. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-27368

    The Contact page in Monica 2.19.1 allows stored XSS via the First Name field.... Read more

    Affected Products : monica
    • EPSS Score: %0.19
    • Published: Feb. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-27367

    Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.... Read more

    Affected Products : bolt
    • EPSS Score: %0.27
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27365

    An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSC... Read more

    • EPSS Score: %0.43
    • Published: Mar. 07, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-27364

    An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.... Read more

    • EPSS Score: %0.04
    • Published: Mar. 07, 2021
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-27363

    An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to... Read more

    • EPSS Score: %0.02
    • Published: Mar. 07, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-27362

    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.... Read more

    Affected Products : irfanview wpg
    • EPSS Score: %4.24
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291728 Results