Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2022
CVE-2021-46237
An untrusted pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-21
CVE-2021-46238
GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.002
Published
2022-01-21
CVE-2021-46239
The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-21
CVE-2021-46240
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.002
Published
2022-01-21
CVE-2021-46242
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-01-21
CVE-2021-46243
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
6.5
EPSS Score
0.005
Published
2022-01-21
CVE-2021-46244
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
CVSS Score
6.5
EPSS Score
0.001
Published
2022-01-21
CVE-2021-23631
This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-01-21
CVE-2021-23664
The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
CVSS Score
8.6
EPSS Score
0.003
Published
2022-01-21
CVE-2021-40595
SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leave_system/classes/Login.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-01-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved