Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2021
CVE-2021-25332
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition.
CVSS Score
3.2
EPSS Score
0.001
Published
2021-03-04
CVE-2021-25333
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.
CVSS Score
3.2
EPSS Score
0.001
Published
2021-03-04
CVE-2021-25334
Improper input check in wallpaper service in Samsung mobile devices prior to SMR Feb-2021 Release 1 allows untrusted application to cause permanent denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-04
CVE-2021-25335
Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.
CVSS Score
2.5
EPSS Score
0.0
Published
2021-03-04
CVE-2021-25336
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent.
CVSS Score
2.8
EPSS Score
0.0
Published
2021-03-04
CVE-2021-25337
Known exploited
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.
CVSS Score
4.4
EPSS Score
0.003
Published
2021-03-04
CVE-2021-25338
Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region.
CVSS Score
4.4
EPSS Score
0.0
Published
2021-03-04
CVE-2021-25339
Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory.
CVSS Score
4.4
EPSS Score
0.0
Published
2021-03-04
CVE-2021-26293
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x.
CVSS Score
9.8
EPSS Score
0.507
Published
2021-03-04
CVE-2021-26988
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs.
CVSS Score
3.5
EPSS Score
0.001
Published
2021-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved