Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2021
CVE-2019-25049
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
CVSS Score
7.1
EPSS Score
0.002
Published
2021-07-01
CVE-2020-36400
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-07-01
CVE-2020-36401
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
CVSS Score
7.8
EPSS Score
0.002
Published
2021-07-01
CVE-2020-36402
Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a code change.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-07-01
CVE-2020-36403
HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).
CVSS Score
8.8
EPSS Score
0.005
Published
2021-07-01
CVE-2020-36404
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-07-01
CVE-2020-36405
Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-07-01
CVE-2020-36194
An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.2.1566 Build 20210202. QNAP Systems Inc. QuTS hero versions prior to h4.5.2.1638 build 20210414. This issue does not affect: QNAP Systems Inc. QTS 4.5.3.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-07-01
CVE-2020-36196
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions prior to 1.2.0.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-07-01
CVE-2021-28802
A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build 20210107. QNAP Systems Inc. QuTS hero versions prior to h4.5.1.1582 build 20210217.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved