Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-26624

    An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attacke... Read more

    Affected Products : escan_anti-virus
    • EPSS Score: %1.88
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26623

    A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function.... Read more

    Affected Products : windows bandizip
    • EPSS Score: %0.69
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-26622

    An remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian NAC. Remote attackers are able to execute arbitrary malicious code with SYSTEM privileges on all connected nodes in N... Read more

    Affected Products : windows genian_nac
    • EPSS Score: %2.27
    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26621

    An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function.... Read more

    Affected Products : mex01_firmware mex01
    • EPSS Score: %3.31
    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-26620

    An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to steal important information in the server by exploiting vulnerabilities such as insufficient authentication when access... Read more

    • EPSS Score: %0.61
    • Published: Mar. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-26619

    An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of unspecified number of users.... Read more

    Affected Products : windows bigfileagent
    • EPSS Score: %1.24
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26618

    An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included malicious code.... Read more

    Affected Products : windows tooffice
    • EPSS Score: %0.42
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26617

    This issues due to insufficient verification of the various input values from user’s input. The vulnerability allows remote attackers to execute malicious code in Firstmall via navercheckout_add function.... Read more

    Affected Products : windows firstmall
    • EPSS Score: %0.73
    • Published: Feb. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26616

    An OS command injection was found in SecuwaySSL, when special characters injection on execute command with runCommand arguments.... Read more

    Affected Products : secuwayssl_u
    • EPSS Score: %0.66
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-26615

    ARK library allows attackers to execute remote code via the parameter(path value) of Ark_NormalizeAndDupPAthNameW function because of an integer overflow.... Read more

    Affected Products : linux_kernel ark_library
    • EPSS Score: %0.20
    • Published: Nov. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-26614

    ius_get.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command.... Read more

    Affected Products : c200_firmware c200
    • EPSS Score: %3.46
    • Published: Nov. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-26613

    improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method.... Read more

    Affected Products : windows nexacro
    • EPSS Score: %0.31
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26612

    An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code.... Read more

    Affected Products : windows nexacro
    • EPSS Score: %0.92
    • Published: Nov. 30, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26611

    HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.(reboot, factory reset, snapshot etc..)... Read more

    • EPSS Score: %0.71
    • Published: Nov. 26, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-26610

    The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an attacker to execute an remote arbitrary code.... Read more

    Affected Products : windows godomall5
    • EPSS Score: %0.14
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-26609

    A vulnerability was found in Mangboard(WordPress plugin). A SQL-Injection vulnerability was found in order_type parameter. The order_type parameter makes a SQL query using unfiltered data. This vulnerability allows a remote attacker to steal user informat... Read more

    Affected Products : mang_board
    • EPSS Score: %0.65
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26608

    An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash.... Read more

    Affected Products : windows hshell
    • EPSS Score: %0.23
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-26607

    An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.... Read more

    Affected Products : windows nexacro
    • EPSS Score: %0.97
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-26606

    A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HT... Read more

    Affected Products : windows magicline4nx.exe
    • EPSS Score: %0.36
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-26605

    An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication.... Read more

    Affected Products : windows ezpdfreader
    • EPSS Score: %0.43
    • Published: Aug. 05, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291531 Results