Skip to main content
CVE-2021-25294 CRITICAL POC PATCH THREAT Act Now

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE PHP Opencats
NVD GitHub
CVSS 3.1
9.8
EPSS
10.7%
CVE-2021-3166 HIGH POC This Week

An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Dsl N14U B1 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
2.9%
CVE-2021-25295 MEDIUM POC This Month

OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issues. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opencats
NVD GitHub
CVSS 3.1
6.1
EPSS
1.5%
CVE-2021-25178 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service RCE Memory Corruption Drawings Software Development Kit +3
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2021-25177 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption Drawings Software Development Kit Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-25176 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Drawings Software Development Kit Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-25175 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Drawings Software Development Kit Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2021-25174 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service Memory Corruption Drawings Software Development Kit Comos +2
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-25173 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Drawings Software Development Kit Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy