Latest CVE Feed
-
6.4
MEDIUMCVE-2024-1242
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it pos... Read more
Affected Products : premium_addons_for_elementor- Published: Feb. 29, 2024
- Modified: Aug. 15, 2025
-
8.8
HIGHCVE-2024-1522
A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. The vulnerability stems from the `/execute_code` API endpoint, which does not properly validate ... Read more
- Published: Mar. 30, 2024
- Modified: Aug. 15, 2025
-
8.2
HIGHCVE-2024-1646
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a ... Read more
- Published: Apr. 16, 2024
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2024-21459
Information disclosure while handling beacon or probe response frame in STA.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +342 more products- Published: Aug. 05, 2024
- Modified: Aug. 15, 2025
-
7.8
HIGHCVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_blu... Read more
Affected Products : linux_kernel- EPSS Score: %0.04
- Published: Jan. 30, 2024
- Modified: Aug. 15, 2025
-
8.2
HIGHCVE-2024-34949
SQL injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function OrderLogic::getOrderList function, exploited at the /admin/order/lists.html endpoint.... Read more
Affected Products : likeshop- Published: May. 20, 2024
- Modified: Aug. 15, 2025
-
5.3
MEDIUMCVE-2021-30187
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware runtime_toolkit 750-891_firmware +45 more products- EPSS Score: %0.12
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30188
CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt 750-891_firmware +46 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30189
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30190
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.43
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30191
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.41
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30192
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30193
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-30194
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30195
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +46 more products- EPSS Score: %0.42
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34583
Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.82
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-34584
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.61
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34585
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.47
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34586
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.29
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34593
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communica... Read more
Affected Products : plcwinnt runtime_toolkit 750-8202_firmware 750-8203_firmware 750-8204_firmware 750-8206_firmware 750-8207_firmware 750-8208_firmware 750-8210_firmware 750-8211_firmware +19 more products- EPSS Score: %1.60
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025