Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2021
CVE-2020-24663
Trace Financial CRESTBridge <6.3.0.02 contains a stored XSS vulnerability, which was fixed in 6.3.0.03.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-06-10
CVE-2020-24667
Trace Financial CRESTBridge <6.3.0.02 contains an authenticated SQL injection vulnerability, which was fixed in 6.3.0.03.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-06-10
CVE-2020-24668
Trace Financial Crest Bridge <6.3.0.02 contains a stored XSS vulnerability, which was fixed in 6.3.0.03.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-06-10
CVE-2020-24671
Trace Financial CRESTBridge <6.3.0.02 contains an authenticated SQL injection vulnerability, which was fixed in 6.3.0.03.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-06-10
CVE-2020-25467
A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-10
CVE-2021-21666
Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-06-10
CVE-2021-23023
On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, a DLL hijacking issue exists in cachecleaner.dll included in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-06-10
CVE-2021-23024
On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.2
EPSS Score
0.049
Published
2021-06-10
CVE-2021-31538
LANCOM R&S Unified Firewall (UF) devices running LCOS FX 10.5 allow Relative Path Traversal.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-06-10
CVE-2021-31658
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the "device description" function only judges the length of the received data, and does not filter special characters. This vulnerability will cause the application to crash, and all device configuration information will be erased.
CVSS Score
8.1
EPSS Score
0.003
Published
2021-06-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved