Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2021
CVE-2021-20217
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-03-25
CVE-2020-35502
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-03-25
CVE-2021-20210
A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-03-25
CVE-2021-20211
A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-03-25
CVE-2021-20212
A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-03-25
CVE-2021-20213
A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed.
CVSS Score
7.5
EPSS Score
0.013
Published
2021-03-25
CVE-2021-25367
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVSS Score
3.7
EPSS Score
0.002
Published
2021-03-25
CVE-2021-25368
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-03-25
CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-03-25
CVE-2021-25349
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved