Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2021-22298

    There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Af... Read more

    Affected Products : manageone
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22296

    A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.... Read more

    Affected Products : harmonyos
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22295

    A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.... Read more

    Affected Products : harmonyos
    • Published: Aug. 06, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-22294

    A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.... Read more

    Affected Products : harmonyos
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22293

    Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1,... Read more

    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-22292

    There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web a... Read more

    Affected Products : ecns280_firmware ecns280
    • Published: Feb. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-22289

    Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.... Read more

    Affected Products : studio
    • Published: Aug. 11, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22288

    Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22286

    Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22285

    Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive.... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-22284

    Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.... Read more

    Affected Products : opc_server_for_ac_800m
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-22283

    Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion ... Read more

    • Published: Feb. 28, 2023
    • Modified: Nov. 21, 2024

  • 8.3

    HIGH
    CVE-2021-22282

    Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12. ... Read more

    Affected Products : automation_studio studio
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22281

    : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12. ... Read more

    Affected Products : automation_studio studio
    • Published: Feb. 02, 2024
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-22280

    Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.... Read more

    Affected Products : studio
    • Published: May. 14, 2024
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-22279

    A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.... Read more

    • Published: Dec. 13, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-22278

    A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.... Read more

    Affected Products : update_manager pcm600 pcm600
    • Published: Oct. 28, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-22277

    Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service.... Read more

    • Published: Apr. 01, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-22276

    The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point.... Read more

    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-22275

    Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.... Read more

    Affected Products : automation_runtime
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292815 Results