Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2021
CVE-2020-36216
An issue was discovered in Input<R> in the eventio crate before 0.5.1 for Rust. Because a non-Send type can be sent to a different thread, a data race and memory corruption can occur.
CVSS Score
5.9
EPSS Score
0.004
Published
2021-01-26
CVE-2020-36217
An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur.
CVSS Score
5.9
EPSS Score
0.004
Published
2021-01-26
CVE-2020-36218
An issue was discovered in the buttplug crate before 1.0.4 for Rust. ButtplugFutureStateShared does not properly consider (!Send|!Sync) objects, leading to a data race.
CVSS Score
5.9
EPSS Score
0.004
Published
2021-01-26
CVE-2020-36219
An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. Because AtomicOption<T> implements Sync unconditionally, a data race can occur.
CVSS Score
5.9
EPSS Score
0.004
Published
2021-01-26
CVE-2020-36220
An issue was discovered in the va-ts crate before 0.0.4 for Rust. Because Demuxer<T> omits a required T: Send bound, a data race and memory corruption can occur.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-01-26
CVE-2020-36221
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
CVSS Score
7.5
EPSS Score
0.476
Published
2021-01-26
CVE-2020-36222
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.359
Published
2021-01-26
CVE-2020-36223
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
CVSS Score
7.5
EPSS Score
0.06
Published
2021-01-26
CVE-2020-36224
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-01-26
CVE-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie according to the crafted payload.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-01-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved