Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2021-26583

    A potential security vulnerability was identified in HPE iLO Amplifier Pack. The vulnerabilities could be remotely exploited to allow remote code execution.... Read more

    Affected Products : ilo_amplifier_pack
    • EPSS Score: %2.58
    • Published: May. 10, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-26582

    A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).... Read more

    • EPSS Score: %0.30
    • Published: Apr. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-26581

    A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarch BMC must be rebooted to recover from this situation. O... Read more

    • EPSS Score: %0.37
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-26580

    A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). HPE has provided the following software update to resolve the vulnerability in HPE iLO Amp... Read more

    • EPSS Score: %0.32
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-26579

    A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified... Read more

    Affected Products : unified_data_management
    • EPSS Score: %0.05
    • Published: Mar. 30, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-26578

    A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5. The vulnerability could be remotely exploited with SQL injection.... Read more

    Affected Products : network_orchestrator
    • EPSS Score: %0.35
    • Published: Mar. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26577

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function.... Read more

    • EPSS Score: %0.07
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26576

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function.... Read more

    • EPSS Score: %0.12
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26575

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletesolvideofile function.... Read more

    • EPSS Score: %0.12
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26574

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.... Read more

    • EPSS Score: %0.12
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26573

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.... Read more

    • EPSS Score: %0.13
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26572

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.... Read more

    • EPSS Score: %0.13
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26571

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.... Read more

    • EPSS Score: %0.13
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26570

    The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.... Read more

    • EPSS Score: %0.12
    • Published: Feb. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-26559

    Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive information even when `[webserver] expose_config` is set to `False` in `airflow... Read more

    Affected Products : airflow
    • EPSS Score: %0.30
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-26558

    Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI version 4.1.1 and later versions; Apache ShardingSphere-UI ... Read more

    Affected Products : shardingsphere-ui
    • EPSS Score: %2.82
    • Published: Nov. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26557

    When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.... Read more

    Affected Products : tentacle
    • EPSS Score: %0.06
    • Published: Oct. 07, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-26556

    When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.... Read more

    Affected Products : octopus_deploy octopus_server
    • EPSS Score: %0.06
    • Published: Oct. 07, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-26551

    An issue was discovered in SmartFoxServer 2.17.0. An attacker can execute arbitrary Python code, and bypass the javashell.py protection mechanism, by creating /config/ConsoleModuleUnlock.txt and editing /config/admin/admintool.xml to enable the Console mo... Read more

    Affected Products : smartfoxserver
    • EPSS Score: %0.18
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-26550

    An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.... Read more

    Affected Products : smartfoxserver
    • EPSS Score: %0.07
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291722 Results