Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2022
CVE-2021-40573
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40574
The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-01-13
CVE-2021-40575
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40576
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-45422
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. No authentication is required.
CVSS Score
6.1
EPSS Score
0.116
Published
2022-01-13
CVE-2021-45807
jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall.
CVSS Score
9.8
EPSS Score
0.022
Published
2022-01-13
CVE-2021-40569
The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40570
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-01-13
CVE-2021-40571
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40813
A cross-site scripting (XSS) vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved