Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.7

    HIGH
    CVE-2021-21925

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter.... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.19
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21924

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.... Read more

    Affected Products : r-seenet
    • EPSS Score: %5.29
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21923

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘company_filter’ parameter with the administrative account or through cross-site request forgery.... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.34
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21922

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘username_filter’ parameter with the administrative account or through cross-site request forgery.... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.19
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21921

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter with the administrative account or through cross-site request forgery.... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.34
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21920

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘surname_filter’ parameter with the administrative account or through cross-site request forgery.... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.34
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21919

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ord’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation ... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.34
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-21918

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter. However, the high privilege super-administrator account needs to be used to achieve expl... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.34
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21917

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. ... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21916

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at 'description_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this v... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21915

    An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘company_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulne... Read more

    Affected Products : r-seenet
    • EPSS Score: %1.25
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-21914

    A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.... Read more

    Affected Products : imagegear
    • EPSS Score: %1.12
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-21913

    An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.... Read more

    Affected Products : dir-3040_firmware dir-3040
    • EPSS Score: %0.69
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21912

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.11
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21911

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.04
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21910

    A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An atta... Read more

    Affected Products : windows r-seenet
    • EPSS Score: %0.04
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21909

    Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability... Read more

    • EPSS Score: %0.51
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-21908

    Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated... Read more

    • EPSS Score: %0.75
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-21907

    A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted command line argument can lead to local file inclusion. An attacker can provide malicious inp... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.26
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-21906

    Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is u... Read more

    Affected Products : ic_module_cma
    • EPSS Score: %0.21
    • Published: Dec. 22, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291513 Results