Skip to main content
CVE-2021-26795 HIGH POC This Week

A SQL Injection vulnerability in /appliance/shiftmgn.php in TalariaX sendQuick Alert Plus Server Admin 4.3 before 8HF11 allows attackers to obtain sensitive information via a Roster Time to Roster. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Sendquick Alert Plus Server Admin
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-43272 CRITICAL Act Now

An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oda Viewer
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2021-43617 CRITICAL POC PATCH THREAT Act Now

Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Debian PHP File Upload Framework
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.8%
CVE-2021-43391 HIGH This Week

An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Drawings Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-43390 HIGH This Week

An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-43336 HIGH This Week

An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Software Development Kit Jt2Go Solid Edge +1
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-43280 HIGH This Week

A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-43279 HIGH This Week

An out-of-bounds write vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Oda Prc Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-43278 HIGH This Week

An Out-of-bounds Read vulnerability exists in the OBJ file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Drawings Software Developemnt Kit
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-43277 HIGH This Week

An out-of-bounds read vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Oda Prc Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-43276 HIGH This Week

An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Oda Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-43275 HIGH This Week

A Use After Free vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Drawings Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-43274 HIGH This Week

A Use After Free Vulnerability exists in the Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service RCE Memory Corruption Drawings Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-41057 HIGH This Week

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Codemeter Runtime Pss Cape Pss E Pss Odms +6
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2021-43273 LOW Monitor

An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Drawings Sdk
NVD
CVSS 3.1
3.3
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy