Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2021-25801

    A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.... Read more

    Affected Products : vlc_media_player
    • EPSS Score: %2.43
    • Published: Jul. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-25791

    Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, an... Read more

    • EPSS Score: %0.14
    • Published: Jul. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-25790

    Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone N... Read more

    • EPSS Score: %0.16
    • Published: Jul. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25786

    An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.... Read more

    Affected Products : qpdf
    • EPSS Score: %0.30
    • Published: Aug. 11, 2023
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2021-25785

    Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column.... Read more

    Affected Products : taocms
    • EPSS Score: %0.24
    • Published: Dec. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-25784

    Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.... Read more

    Affected Products : taocms
    • EPSS Score: %0.27
    • Published: Dec. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-25783

    Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search.... Read more

    Affected Products : taocms
    • EPSS Score: %0.27
    • Published: Dec. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-25780

    An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and o... Read more

    Affected Products : baby_care_system
    • EPSS Score: %4.04
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-25779

    Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.... Read more

    Affected Products : baby_care_system
    • EPSS Score: %0.26
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25778

    In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25777

    In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-25776

    In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25775

    In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-25774

    In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-25773

    JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.01
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25772

    In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2021-25771

    In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-25770

    In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.02
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-25769

    In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.01
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25768

    In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.... Read more

    Affected Products : youtrack
    • EPSS Score: %0.00
    • Published: Feb. 03, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291401 Results