Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-45116

    An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or... Read more

    Affected Products : fedora django
    • Published: Jan. 05, 2022
    • Modified: May. 22, 2025

  • 6.6

    MEDIUM
    CVE-2021-3782

    An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large... Read more

    Affected Products : wayland
    • Published: Sep. 23, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2021-39990

    The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39989

    The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39988

    The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39987

    The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39985

    The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39984

    Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39983

    The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39977

    The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.... Read more

    Affected Products : harmonyos
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-39967

    There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 8.8

    HIGH
    CVE-2021-37198

    A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web ... Read more

    Affected Products : comos
    • Published: Jan. 11, 2022
    • Modified: May. 22, 2025

  • 7.5

    HIGH
    CVE-2021-37133

    There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos magic_ui
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 6.1

    MEDIUM
    CVE-2021-36739

    The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.... Read more

    Affected Products : pluto jetspeed
    • Published: Jan. 06, 2022
    • Modified: May. 22, 2025

  • 6.5

    MEDIUM
    CVE-2021-28715

    Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kern... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Jan. 06, 2022
    • Modified: May. 22, 2025

  • 6.1

    MEDIUM
    CVE-2021-25022

    The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues... Read more

    Affected Products : updraftplus
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 6.1

    MEDIUM
    CVE-2021-24964

    The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the... Read more

    Affected Products : litespeed_cache
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 7.2

    HIGH
    CVE-2021-24786

    The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue... Read more

    Affected Products : download_monitor
    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025

  • 9.8

    CRITICAL
    CVE-2021-24042

    The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior t... Read more

    Affected Products : whatsapp whatsapp_desktop
    • Published: Jan. 04, 2022
    • Modified: May. 22, 2025

  • 6.5

    MEDIUM
    CVE-2021-1918

    Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile... Read more

    • Published: Jan. 03, 2022
    • Modified: May. 22, 2025
Showing 20 of 292846 Results