Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2021
CVE-2019-18943
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-02-26
CVE-2019-18944
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVSS Score
4.9
EPSS Score
0.001
Published
2021-02-26
CVE-2019-18945
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVSS Score
7.3
EPSS Score
0.002
Published
2021-02-26
CVE-2019-18946
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
CVSS Score
4.8
EPSS Score
0.001
Published
2021-02-26
CVE-2019-18947
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.
CVSS Score
3.5
EPSS Score
0.001
Published
2021-02-26
CVE-2021-23962
Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-02-26
CVE-2021-23963
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-02-26
CVE-2021-23977
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-02-26
CVE-2021-23953
If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS Score
4.3
EPSS Score
0.004
Published
2021-02-26
CVE-2021-23954
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-02-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved