Skip to main content
CVE-2021-37253 HIGH POC This Week

M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Denial Of Service M Files Web
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2021-44048 HIGH This Week

An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Explorer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44047 HIGH This Week

A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44046 HIGH This Week

An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Prc Sdk
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44045 HIGH This Week

An out-of-bounds write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44044 HIGH This Week

An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawings SDK before 2022.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy