Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2021
CVE-2021-22367
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-06-30
CVE-2021-22368
There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-06-30
CVE-2021-32736
think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype. The vulnerability is patched in version 1.1.3.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-06-30
CVE-2021-21672
Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVSS Score
4.3
EPSS Score
0.189
Published
2021-06-30
CVE-2021-21673
Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-06-30
CVE-2021-21674
A missing permission check in Jenkins requests-plugin Plugin 2.2.6 and earlier allows attackers with Overall/Read permission to view the list of pending requests.
CVSS Score
4.3
EPSS Score
0.007
Published
2021-06-30
CVE-2021-21675
A cross-site request forgery (CSRF) vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-06-30
CVE-2021-21676
Jenkins requests-plugin Plugin 2.2.7 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to send test emails to an attacker-specified email address.
CVSS Score
4.3
EPSS Score
0.004
Published
2021-06-30
CVE-2021-21670
Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission.
CVSS Score
4.3
EPSS Score
0.019
Published
2021-06-30
CVE-2021-21671
Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.
CVSS Score
7.5
EPSS Score
0.041
Published
2021-06-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved