Skip to main content
CVE-2021-25631 HIGH POC This Week

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libreoffice
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-29238 HIGH This Week

CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Automation Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-29239 HIGH This Week

CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Development System
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29241 HIGH This Week

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2021-31996 HIGH This Week

An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Algorithmica
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-29242 HIGH This Week

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl Control For Linux Arm Sl +18
NVD
CVSS 3.1
7.3
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy