Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2021
CVE-2020-21815
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).
CVSS Score
6.5
EPSS Score
0.002
Published
2021-05-17
CVE-2020-21816
A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-05-17
CVE-2020-21817
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash).
CVSS Score
6.5
EPSS Score
0.002
Published
2021-05-17
CVE-2020-21818
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-05-17
CVE-2020-21819
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-05-17
CVE-2020-24992
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when an administrator accesses the content management module.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-05-17
CVE-2020-24993
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when visitors access the article module.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-05-17
CVE-2020-29205
XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field
CVSS Score
6.1
EPSS Score
0.005
Published
2021-05-17
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-05-17
CVE-2021-29024
In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private without authentication.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-05-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved