Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2021-21969

    An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [4] the json_object_get_string to populate the p_payload global va... Read more

    • EPSS Score: %0.44
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 8.3

    HIGH
    CVE-2021-21968

    A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger ... Read more

    • EPSS Score: %0.42
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-21967

    An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigg... Read more

    • EPSS Score: %0.28
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-21966

    An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP reques... Read more

    • EPSS Score: %2.02
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-21965

    A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigge... Read more

    • EPSS Score: %0.44
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-21964

    A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger this ... Read more

    • EPSS Score: %0.39
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-21963

    An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man... Read more

    • EPSS Score: %0.12
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2021-21962

    A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-i... Read more

    • EPSS Score: %1.90
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21961

    A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this v... Read more

    • EPSS Score: %1.88
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21960

    A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger ... Read more

    • EPSS Score: %1.88
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21959

    A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality.... Read more

    • EPSS Score: %0.31
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-21958

    A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a... Read more

    Affected Products : hancom_office_2020
    • EPSS Score: %0.83
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21957

    A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger ... Read more

    Affected Products : remote_connector
    • EPSS Score: %0.61
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-21956

    A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A specially-crafted malformed file can lead to potential arbitrary command execution. An attacker can provide a malicious file to trigger this vulner... Read more

    Affected Products : imunify360
    • EPSS Score: %0.41
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21955

    An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to tr... Read more

    • EPSS Score: %0.52
    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2021-21954

    A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution.... Read more

    • EPSS Score: %1.66
    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21953

    An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges.... Read more

    • EPSS Score: %0.30
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-21952

    An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges.... Read more

    • EPSS Score: %0.46
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21951

    An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code ex... Read more

    • EPSS Score: %0.88
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21950

    An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can l... Read more

    • EPSS Score: %0.88
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 290955 Results