Latest CVE Feed
-
9.8
CRITICALCVE-2021-30193
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-30194
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.53
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30195
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +46 more products- EPSS Score: %0.42
- Published: May. 25, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34583
Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.82
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-34584
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.61
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34585
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %0.47
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34586
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +45 more products- EPSS Score: %3.29
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-34593
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communica... Read more
Affected Products : plcwinnt runtime_toolkit 750-8202_firmware 750-8203_firmware 750-8204_firmware 750-8206_firmware 750-8207_firmware 750-8208_firmware 750-8210_firmware 750-8211_firmware +19 more products- EPSS Score: %1.60
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
8.1
HIGHCVE-2021-34595
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +47 more products- EPSS Score: %0.47
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2021-34596
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +47 more products- EPSS Score: %0.24
- Published: Oct. 26, 2021
- Modified: Aug. 15, 2025
-
5.5
MEDIUMCVE-2021-34976
Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this... Read more
- Published: May. 07, 2024
- Modified: Aug. 15, 2025
-
6.8
MEDIUMCVE-2021-35567
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitabl... Read more
Affected Products : fedora debian_linux active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_workflow_automation jdk jre e-series_santricity_os_controller +6 more products- EPSS Score: %0.16
- Published: Oct. 20, 2021
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.... Read more
- EPSS Score: %0.39
- Published: May. 10, 2018
- Modified: Aug. 15, 2025
-
6.1
MEDIUMCVE-2018-6882
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Lo... Read more
Affected Products : zimbra_collaboration_suite- Actively Exploited
- EPSS Score: %65.60
- Published: Mar. 27, 2018
- Modified: Aug. 15, 2025
-
10.0
HIGHCVE-2018-7445
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before... Read more
Affected Products : routeros- Actively Exploited
- EPSS Score: %87.80
- Published: Mar. 19, 2018
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2019-3924
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerabi... Read more
Affected Products : routeros- EPSS Score: %12.22
- Published: Feb. 20, 2019
- Modified: Aug. 15, 2025
-
8.8
HIGHCVE-2020-15841
Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server's password via the Test LDA... Read more
- EPSS Score: %0.34
- Published: Jul. 20, 2020
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-21000
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +44 more products- EPSS Score: %0.13
- Published: May. 24, 2021
- Modified: Aug. 15, 2025
-
9.1
CRITICALCVE-2021-21001
On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware 750-891_firmware 750-823_firmware +44 more products- EPSS Score: %0.24
- Published: May. 24, 2021
- Modified: Aug. 15, 2025
-
7.5
HIGHCVE-2021-30186
CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.... Read more
Affected Products : 750-831_firmware 750-852_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-829_firmware 750-882_firmware 750-885_firmware plcwinnt runtime_toolkit +46 more products- EPSS Score: %0.45
- Published: May. 25, 2021
- Modified: Aug. 15, 2025