Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2021
CVE-2020-22874
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
CVE-2020-22875
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
CVE-2020-22876
Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-07-13
CVE-2020-22882
Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-07-13
CVE-2020-22884
Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.026
Published
2021-07-13
CVE-2020-22885
Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-07-13
CVE-2020-22886
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-07-13
CVE-2020-22907
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-07-13
CVE-2021-20593
Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers (G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and prior, EB-50GU-A Ver 7.09 and prior, EB-50GU-J Ver 7.09 and prior, AE-200A Ver 7.93 and prior, AE-200E Ver 7.93 and prior, AE-50A Ver 7.93 and prior, AE-50E Ver 7.93 and prior, EW-50A Ver 7.93 and prior, EW-50E Ver 7.93 and prior, TE-200A Ver 7.93 and prior, TE-50A Ver 7.93 and prior, TW-50A Ver 7.93 and prior, CMS-RMD-J Ver.1.30 and prior) and Air Conditioning System/Expansion Controllers (PAC-YG50ECA Ver.2.20 and prior) allows a remote authenticated attacker to impersonate administrators to disclose configuration information of the air conditioning system and tamper information (e.g. operation information and configuration of air conditioning system) by exploiting this vulnerability.
CVSS Score
7.1
EPSS Score
0.001
Published
2021-07-13
CVE-2021-31220
SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
CVSS Score
5.2
EPSS Score
0.001
Published
2021-07-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved