Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.8

    CRITICAL
    CVE-2021-24074

    Windows TCP/IP Remote Code Execution Vulnerability...

    • EPSS Score: 14.39%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2021-24073

    Skype for Business and Lync Spoofing Vulnerability...

    • EPSS Score: 0.45%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2021-24072

    Microsoft SharePoint Server Remote Code Execution Vulnerability...

    • EPSS Score: 1.98%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2021-24071

    Microsoft SharePoint Information Disclosure Vulnerability...

    • EPSS Score: 8.86%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-24070

    Microsoft Excel Remote Code Execution Vulnerability...

    • EPSS Score: 2.60%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-24069

    Microsoft Excel Remote Code Execution Vulnerability...

    • EPSS Score: 1.13%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-24068

    Microsoft Excel Remote Code Execution Vulnerability...

    • EPSS Score: 1.13%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-24067

    Microsoft Excel Remote Code Execution Vulnerability...

    • EPSS Score: 2.60%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2021-24066

    Microsoft SharePoint Remote Code Execution Vulnerability...

    • EPSS Score: 1.63%
    • Published: Feb. 25, 2021
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2021-24046

    A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0....

    • EPSS Score: 0.20%
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24045

    A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most Re...

    Affected Products: hermes
    • EPSS Score: 0.55%
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24044

    By passing invalid JavaScript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault ...

    Affected Products: hermes
    • EPSS Score: 0.50%
    • Published: Jan. 15, 2022
    • Modified: Nov. 21, 2024
  • 9.1

    CRITICAL
    CVE-2021-24043

    A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an ou...

    Affected Products: whatsapp whatsapp_business
    • EPSS Score: 0.79%
    • Published: Feb. 02, 2022
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24041

    A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image....

    Affected Products: whatsapp whatsapp_business
    • EPSS Score: 0.69%
    • Published: Dec. 07, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24040

    Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0....

    Affected Products: parlai
    • EPSS Score: 31.82%
    • Published: Sep. 10, 2021
    • Modified: Nov. 21, 2024
  • 7.8

    HIGH
    CVE-2021-24038

    Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 3...

    Affected Products: desktop
    • EPSS Score: 0.04%
    • Published: Aug. 19, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24037

    A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the applicatio...

    Affected Products: hermes
    • EPSS Score: 0.54%
    • Published: Jun. 15, 2021
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2021-24036

    Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue ...

    Affected Products: hhvm folly
    • EPSS Score: 2.86%
    • Published: Jul. 23, 2021
    • Modified: Nov. 21, 2024
  • 6.8

    MEDIUM
    CVE-2021-24033

    react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is saf...

    Affected Products: react-dev-utils
    • EPSS Score: 1.44%
    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024
  • 4.7

    MEDIUM
    CVE-2021-24032

    Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore mo...

    Affected Products: zstandard
    • EPSS Score: 0.06%
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292508 Results