VulDB is a vulnerability database documenting more than 174000 vulnerabilities since 1970. The following list shows the latest vulnerabilities threats and exploits
- anchorme main cross site scripting
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server cross site scripting
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 CSV Import cross site scripting
- BlackBoard Learn up to 9.1 Feedback to Learner Form cross site scripting
- BlackBoard Learn up to 9.1 Assignment Instructions HTML Editor cross site scripting
- libheif 1.4.0 Exception denial of service
- matio 1.5.17 mat5.c Mat_VarReadNextInfo5 integer overflow
- sam2p 0.49.4 Exception memory corruption
- sam2p 0.49.4 cgif.c memory corruption
- tinyexr 0.9.5 tinyexr.h tinyexr::DecodePixelData integer overflow
- PDF2JSON 0.70 CCITTFaxStream::lookChar denial of service
- PDF2JSON 0.70 Gfx::doShowText use after free
- PDF2JSON 0.70 Exception DCTStream::decodeImage denial of service
- PDF2JSON 0.70 DCTStream::readHuffSym denial of service
- PDF2JSON 0.70 DCTStream::decodeImage denial of service
- PDF2JSON 0.70 DCTStream::getChar denial of service
- PDF2JSON 0.70 DCTStream::reset denial of service
- PDF2JSON 0.70 EmbedStream::getChar null pointer dereference
- PDF2JSON 0.70 transformDataUnit use after free
- PDF2JSON 0.70 transformDataUnit denial of service
- PDF2JSON 0.70 ObjectStream::getObject denial of service
- PDF2JSON 0.70 XRef::fetch stack-based overflow
- PDF2JSON 0.70 vfprintf stack-based overflow
- wolfSSL 4.6.x/4.7.x OCSP Response Privilege Escalation
- Collabora Online up to 4.2.17/6.4.9-4 Online Editor resource injection
- Teradici PCoIP Software Client prior 21.07.0 fUSBHub Driver resource consumption
- Teradici PCOIP Software Agent prior 21.07.0 USB vHub command injection
- msgpack Unpack deserialization [CVE-2021-23410]
- graphhopper-web-bundle up to 3.1/4.0-pre1 URL Parser Remote Code Execution
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior 3.4.0.1 hash without salt
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server Privilege Escalation
- Schneider Electric Easergy T300 up to 2.7.1 csv injection [CVE-2021-22771]
- Schneider Electric Easergy T300 up to 2.7.1 information disclosure
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server hard-coded credentials
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server hard-coded password
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server entropy
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 signature verification
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Server hard-coded credentials
- Elasticsearch Elastic Cloud Enterprise API permission [CVE-2021-22146]
- Tenable Nessus Agent up to 8.2.5 access control [CVE-2021-20106]
- MV mConnect 02.001.00 Logon Page sql injection
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n SetWLanApcliSettings command injection
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n HNAP1/GetMultipleHNAPs missing authentication
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n GetNetworkTomographySettings command injection
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n Login /Login.html improper authentication
- Artifex MuPDF up to 1.17.x TIFF File tiff_expand_colormap denial of service
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 server-side request forgery
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Web Page Generation cross site scripting
- Combodo iTop up to 2.7.3 CSRF Token cross-site request forgery
- libheif 1.4.0 get_references memory corruption
- GPAC MP4Box up to 0.7.x MP4 File media_tools/mpegts.c gf_m2ts_process_pmt denial of service
- Schneider Electric C-Bus Toolkit up to 1.15.8 missing authentication
- Schneider Electric SoSafe Configurable prior 1.8.1 Project File deserialization
- GPAC MP4Box 0.8.0 box_code_apple.c ilst_item_Read denial of service
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Maintenance Report information disclosure
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Maintenance Report information disclosure
- Schneider Electric EVlink City/EVlink Parking/EVlink Smart Wallbox prior R8 V3.4.0.1 Javascript information disclosure
- Combodo iTop up to 2.7.3 Setup Wizard command injection
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n Syslog improper authentication
- Motorola CX2 CX 1.0.2 Build 20190508 Rel.97360n Log Tar Package information disclosure
- MikroTik RouterOS up to 6.46 ipsec denial of service
- MikroTik RouterOS 6.44.6 /nova/bin/igmp-proxy null pointer dereference
- Elasticsearch up to 7.13.3 Error Report information exposure
- MV mConnect 02.001.00 Logon Page information disclosure
- MikroTik RouterOS up to 6.44.5 /nova/bin/cerm resource consumption
- Teradici PCoIP Software Client prior 21.07.0 OpenSSL untrusted search path
- Teradici PCoIP Standard Agent prior 21.07.0 OpenSSL untrusted search path
- Piwigo 2.10.1 admin.php cross site scripting
- Piwigo 2.10.1 /admin.php cross site scripting
- Linux Kernel up to 5.13.4 drivers/net/usb/hso.c hso_free_net_device use after free
- WooCommerce Stock Manager Plugin up to 2.5.7 Nonce import-export.php cross-site request forgery
- Hashicorp Terraform Enterprise up to 202106-1 API Request access control
- Pires go-proxyproto up to 0.5.x Proxy Protocol Header denial of service
- systemd up to 248 basic/unit-name.c strdupa/alloca allocation of resources
- Gradle up to 7.1 on Unix application/gradlew os command injection
- Linux Kernel up to 5.13.3 Filesystem Layer out-of-bounds write
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 vGPU null pointer dereference
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 vGPU denial of service
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 vGPU null pointer dereference
- Trend Micro Apex One permission [CVE-2021-32463]
- Faraday Edge up to 3.6 Network Name network/create/ name cross site scripting
- Fortinet FortiAnalyzer/FortiManager up to 6.2.7/6.4.5 CLI ip denial of service
- Open vSwitch up to 2.15.0 decode_NXAST_RAW_ENCAP use after free
- Unicorn Engine 1.0.2 tb_flush_armeb out-of-bounds write
- QPDF up to 10.0.4 Pl_ASCII85Decoder::write heap-based overflow
- matio 1.5.20/1.5.21 H5MM_memcpy heap-based overflow
- libarchive up to 3.5.1 copy_string use after free
- Mojang Studios Minecraft up to 1.17.0 Online Mode path traversal
- libsndfile 1.0.30 WAV File msadpcm_decode_block heap-based overflow
- Fortinet FortiSandbox up to 3.2.1 Sniffer Module os command injection
- Tobesoft XPlatform up to 9.2.2.270 ActiveX input validation
- Unicorn Engine 1.0.2 helper_wfe_arm out-of-bounds write
- libass up to 0.15.0 Integer Data decode_chars heap-based overflow
- open62541 up to 1.0.3 Variant_encodeJson out-of-bounds write
- matio 1.5.18/1.5.19/1.5.20/1.5.21 Readt32DataDouble heap-based overflow
- gdal up to 3.0.4 netCDF nc4_get_att stack-based overflow
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 stack-based overflow
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 Services buffer overflow
- Foxit PDF SDK for Web up to 7.5.0 PDF Document app.alert cross site scripting
- NVIDIA Virtual GPU Manager up to 8.7/11.4/12.2 Kernel Mode Driver nvidia.ko denial of service