The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
Base Score: 6.4
Impact Score: 4.9
Exploitability Score: 10
Base Score: 9.1
Impact Score: 5.2
Exploitability Score: 3.9
cpe:2.3:a:wibu:codemeter:*:*:*:*:*:*:*:* versions up to 7.21a (inclusive)