Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2021
CVE-2021-36212
app/View/SharingGroups/view.ctp in MISP before 2.4.146 allows stored XSS in the sharing groups view.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-07-07
CVE-2021-22224
A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim
CVSS Score
7.1
EPSS Score
0.004
Published
2021-07-07
CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown
CVSS Score
4.7
EPSS Score
0.001
Published
2021-07-07
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVSS Score
8.3
EPSS Score
0.824
Published
2021-07-07
CVE-2021-25952
Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution.
CVSS Score
9.8
EPSS Score
0.029
Published
2021-07-07
CVE-2021-22227
A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they clicked it
CVSS Score
6.1
EPSS Score
0.001
Published
2021-07-07
CVE-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2.
CVSS Score
4.9
EPSS Score
0.002
Published
2021-07-07
CVE-2021-22231
A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username.
CVSS Score
3.5
EPSS Score
0.004
Published
2021-07-07
CVE-2021-26035
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability.
CVSS Score
6.1
EPSS Score
0.022
Published
2021-07-07
CVE-2021-26036
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-07-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved