Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - Known exploited
CVE-2021-1497
Known exploited
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
9.8
EPSS Score
0.944
Published
2021-05-06
CVE-2021-1498
Known exploited
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
9.8
EPSS Score
0.941
Published
2021-05-06
CVE-2021-21551
Known exploited
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
CVSS Score
8.8
EPSS Score
0.625
Published
2021-05-04
CVE-2021-20090
Known exploited
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.
CVSS Score
9.8
EPSS Score
0.944
Published
2021-04-29
CVE-2021-21206
Known exploited
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.128
Published
2021-04-26
CVE-2021-21220
Known exploited
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.928
Published
2021-04-26
CVE-2021-21224
Known exploited
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.667
Published
2021-04-26
CVE-2021-22204
Known exploited
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
CVSS Score
6.8
EPSS Score
0.932
Published
2021-04-23
CVE-2021-22205
Known exploited
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
CVSS Score
10.0
EPSS Score
0.945
Published
2021-04-23
CVE-2021-22893
Known exploited
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.
CVSS Score
10.0
EPSS Score
0.935
Published
2021-04-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved