Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2021-22284

    Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.... Read more

    Affected Products : opc_server_for_ac_800m
    • EPSS Score: %0.34
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-22283

    Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion ... Read more

    • EPSS Score: %0.07
    • Published: Feb. 28, 2023
    • Modified: Nov. 21, 2024

  • 8.3

    HIGH
    CVE-2021-22282

    Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12. ... Read more

    Affected Products : automation_studio studio
    • EPSS Score: %0.17
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22281

    : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12. ... Read more

    Affected Products : automation_studio studio
    • EPSS Score: %0.12
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-22280

    Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.... Read more

    Affected Products : studio
    • Published: May. 14, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-22279

    A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.... Read more

    • EPSS Score: %0.31
    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-22278

    A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.... Read more

    Affected Products : update_manager pcm600 pcm600
    • EPSS Score: %0.02
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-22277

    Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service.... Read more

    • EPSS Score: %0.55
    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-22276

    The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point.... Read more

    • EPSS Score: %0.08
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-22275

    Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.... Read more

    Affected Products : automation_runtime
    • EPSS Score: %0.44
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.4

    CRITICAL
    CVE-2021-22272

    The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. A successful attacker... Read more

    Affected Products : mybuildings mybusch-jaeger
    • EPSS Score: %0.19
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2021-22267

    Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO... Read more

    Affected Products : web_viewpoint nonstop
    • EPSS Score: %0.33
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-22264

    An issue has been discovered in GitLab affecting all versions starting from 13.8 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. Under specialized conditions, an invited group member may continu... Read more

    Affected Products : gitlab
    • EPSS Score: %0.14
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22263

    An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintaine... Read more

    Affected Products : gitlab
    • EPSS Score: %0.20
    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22262

    Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative ... Read more

    Affected Products : gitlab
    • EPSS Score: %0.16
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-22261

    A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arb... Read more

    Affected Products : gitlab
    • EPSS Score: %0.33
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-22260

    A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22259

    A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.28
    • Published: Oct. 04, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22258

    The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-22257

    An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. The route for /user.keys is not restricted on instances with publ... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291616 Results