Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2021-21917

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. ... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21916

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at 'description_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this v... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21915

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘company_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulne... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-21914

    A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.... Read more

    Affected Products : imagegear
    • EPSS Score: %1.12
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21913

    An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.... Read more

    Affected Products : dir-3040_firmware dir-3040
    • EPSS Score: %0.69
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21912

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.11
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21911

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.04
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21910

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.04
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21909

    Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability... Read more

    • EPSS Score: %0.51
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-21908

    Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated... Read more

    • EPSS Score: %0.75
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-21907

    A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted command line argument can lead to local file inclusion. An attacker can provide malicious inp... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.26
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-21906

    Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is u... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.21
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2021-21905

    Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is u... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.21
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2021-21904

    A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %2.00
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-21903

    A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send ... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.20
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-21902

    An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send ... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.13
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-21901

    A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send ... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.19
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21900

    A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger thi... Read more

    Affected Products : fedora debian_linux libdxfrw
    • EPSS Score: %0.28
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21899

    A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger th... Read more

    Affected Products : fedora debian_linux libdxfrw
    • EPSS Score: %0.34
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21898

    A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger thi... Read more

    Affected Products : fedora debian_linux libdxfrw
    • EPSS Score: %0.21
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291385 Results