Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-27038

    A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code.... Read more

    Affected Products : design_review
    • EPSS Score: %0.31
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27037

    A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to ex... Read more

    Affected Products : design_review
    • EPSS Score: %0.48
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27036

    A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code... Read more

    Affected Products : design_review
    • EPSS Score: %0.27
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27035

    A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability in conjunction with other v... Read more

    Affected Products : design_review
    • EPSS Score: %0.27
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27034

    A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.... Read more

    Affected Products : design_review
    • EPSS Score: %0.67
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27033

    A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target ... Read more

    Affected Products : design_review
    • EPSS Score: %0.89
    • Published: Jul. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27032

    Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under... Read more

    Affected Products : licensing_services
    • EPSS Score: %0.03
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-27031

    A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on th... Read more

    Affected Products : fbx_review
    • EPSS Score: %0.26
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-27030

    A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system.... Read more

    Affected Products : fbx_review
    • EPSS Score: %49.33
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-27029

    The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service.... Read more

    Affected Products : fbx_review
    • EPSS Score: %0.14
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27028

    A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.... Read more

    Affected Products : fbx_review
    • EPSS Score: %0.73
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-27027

    An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure.... Read more

    Affected Products : fbx_review
    • EPSS Score: %0.32
    • Published: Apr. 19, 2021
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2021-27026

    A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged... Read more

    • EPSS Score: %0.06
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-27025

    A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.... Read more

    • EPSS Score: %0.17
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-27024

    A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0... Read more

    Affected Products : continuous_delivery
    • EPSS Score: %0.32
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-27023

    A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007... Read more

    • EPSS Score: %0.26
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-27022

    A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).... Read more

    Affected Products : puppet_enterprise puppet
    • EPSS Score: %0.34
    • Published: Sep. 07, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-27021

    A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.... Read more

    Affected Products : puppet_enterprise puppet puppetdb
    • EPSS Score: %0.63
    • Published: Jul. 20, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-27020

    Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.... Read more

    Affected Products : puppet_enterprise
    • EPSS Score: %0.82
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-27019

    PuppetDB logging included potentially sensitive system information.... Read more

    Affected Products : puppet_enterprise puppetdb
    • EPSS Score: %0.20
    • Published: Aug. 30, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291601 Results