Latest CVE Feed
-
5.3
MEDIUMCVE-2021-30187
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware runtime_toolkit 750-891_firmware +45 more products- EPSS Score: %0.12
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30188
CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt 750-891_firmware +46 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30189
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.57
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30190
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.43
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30191
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.41
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30192
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.8
CRITICALCVE-2021-30193
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-30194
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30195
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +46 more products- EPSS Score: %0.42
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34583
Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.82
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-34584
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.61
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34585
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.47
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34586
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.29
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34593
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communica... Read more
Affected Products : plcwinnt runtime_toolkit 750-8202_firmware 750-8203_firmware 750-8204_firmware 750-8206_firmware 750-8207_firmware 750-8208_firmware 750-8210_firmware 750-8211_firmware +19 more products- EPSS Score: %1.60
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
8.1
HIGHCVE-2021-34595
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +47 more products- EPSS Score: %0.47
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2021-34596
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +47 more products- EPSS Score: %0.24
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
5.5
MEDIUMCVE-2021-34976
Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this... Read more
- Published: May. 07, 2024
- Modified: Aug. 15, 2025
-
6.8
MEDIUMCVE-2021-35567
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitabl... Read more
Affected Products : fedora debian_linux active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_workflow_automation jdk jre e-series_santricity_os_controller +6 more products- EPSS Score: %0.17
- Published: Oct. 20, 2021
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.... Read more
- EPSS Score: %0.39
- Published: May. 10, 2018
- Modified: Aug. 15, 2025
-
6.1
MEDIUMCVE-2018-6882
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Lo... Read more
Affected Products : zimbra_collaboration_suite- Actively Exploited
- EPSS Score: %65.60
- Published: Mar. 27, 2018
- Modified: Aug. 15, 2025