Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 7.8

    HIGH
    CVE-2021-22665

    Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system.... Read more

    • EPSS Score: %0.00
    • Published: Mar. 18, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22664

    CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.... Read more

    Affected Products : cncsoft-b
    • EPSS Score: %0.20
    • Published: Apr. 27, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22663

    Cscape (All versions prior to 9.90 SP3.5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current proce... Read more

    Affected Products : cscape cscape
    • EPSS Score: %0.41
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22662

    A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.... Read more

    Affected Products : fvdesigner
    • EPSS Score: %0.24
    • Published: Mar. 03, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-22661

    Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Ve... Read more

    • EPSS Score: %0.16
    • Published: Feb. 26, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22660

    CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.... Read more

    Affected Products : cncsoft-b
    • EPSS Score: %0.35
    • Published: Apr. 27, 2021
    • Modified: Nov. 21, 2024
  • 8.6

    HIGH
    CVE-2021-22659

    Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may... Read more

    • EPSS Score: %0.69
    • Published: Mar. 25, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-22658

    Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'.... Read more

    Affected Products : iview
    • EPSS Score: %0.40
    • Published: Feb. 11, 2021
    • Modified: Nov. 21, 2024
  • 10.0

    CRITICAL
    CVE-2021-22657

    mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.... Read more

    Affected Products : mypro
    • EPSS Score: %0.40
    • Published: Dec. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-22656

    Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.... Read more

    Affected Products : iview
    • EPSS Score: %1.86
    • Published: Feb. 11, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22655

    Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (vers... Read more

    • EPSS Score: %0.30
    • Published: Jan. 27, 2021
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2021-22654

    Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information.... Read more

    Affected Products : iview
    • EPSS Score: %0.42
    • Published: Feb. 11, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22653

    Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (ver... Read more

    • EPSS Score: %0.30
    • Published: Jan. 27, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-22652

    Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.... Read more

    Affected Products : iview
    • EPSS Score: %40.86
    • Published: Feb. 11, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22651

    When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extracti... Read more

    • EPSS Score: %1.71
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22649

    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project fi... Read more

    • EPSS Score: %0.22
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22647

    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing pr... Read more

    • EPSS Score: %0.37
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22645

    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” c... Read more

    • EPSS Score: %0.25
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22643

    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, w... Read more

    • EPSS Score: %0.35
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-22641

    A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versi... Read more

    • EPSS Score: %0.48
    • Published: Jan. 27, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291728 Results