Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2021-28236

LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c....

Affected Products : libredwg
Published: Dec. 02, 2021

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-28233

Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c....

Affected Products : ok-file-formats
Published: Aug. 27, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-28216

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE....

Affected Products : edk_ii
Published: Aug. 05, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-28213

Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks....

Affected Products : edk_ii edk2
Published: Jun. 11, 2021

Modified: Nov. 21, 2024
6.7

MEDIUM

CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II....

Affected Products : edk_ii edk2
Published: Jun. 11, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II....

Affected Products : edk_ii edk2
Published: Jun. 11, 2021

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2021-28209

The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files....

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2021-28208

The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files....

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2021-28207

The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files....

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2021-28206

The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files....

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2021-28205

The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system file...

Affected Products : z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware z10pr-d16 asmb8-ikvm z10pe-d16_ws
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-28204

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbit...

Affected Products : z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware z10pr-d16 asmb8-ikvm z10pe-d16_ws
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
7.2

HIGH

CVE-2021-28203

The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary....

Affected Products : z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware z10pr-d16 asmb8-ikvm z10pe-d16_ws
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28202

The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to a...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28201

The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to a...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28200

The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to ab...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28199

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attacker...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28198

The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leak...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28197

The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leaka...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-28196

The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers...

Affected Products : asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmware rs300-e10-rs4_firmware rs500a-e9-ps4_firmware +78 more products
Published: Apr. 06, 2021

Modified: Nov. 21, 2024

Showing 20 of 292836 Results

Browse by Apps

Latest CVE Feed

7.5

8.8

7.8

7.5

6.7

7.8

6.8

6.8

6.8

6.8

6.8

7.2

7.2

4.9

4.9

4.9

4.9

4.9

4.9

4.9

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable