Security Vulnerabilities - Known exploited
CVE-2021-26086
Known exploited
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.
CVSS Score
5.3
EPSS Score
0.942
Published
2021-08-16
CVE-2021-36380
Known exploited
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi.
CVSS Score
9.8
EPSS Score
0.936
Published
2021-08-13
CVE-2021-36942
Known exploited
Windows LSA Spoofing Vulnerability
CVSS Score
7.5
EPSS Score
0.937
Published
2021-08-12
CVE-2021-36948
Known exploited
Windows Update Medic Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.011
Published
2021-08-12
CVE-2021-34484
Known exploited
Windows User Profile Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.028
Published
2021-08-12
CVE-2021-34486
Known exploited
Windows Event Tracing Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.365
Published
2021-08-12
CVE-2021-20028
Known exploited
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier
CVSS Score
9.8
EPSS Score
0.829
Published
2021-08-04
CVE-2021-30563
Known exploited
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.031
Published
2021-08-03
CVE-2021-26085
Known exploited
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
CVSS Score
5.3
EPSS Score
0.94
Published
2021-08-03
CVE-2021-36741
Known exploited
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to log on to the product's management console in order to exploit this vulnerability.
CVSS Score
8.8
EPSS Score
0.007
Published
2021-07-29

