Security Vulnerabilities - CVEs Published In July 2021
netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).
CVSS Score: 7.8; EPSS Score: 0.001; Published: 2021-07-20
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
CVSS Score: 7.8; EPSS Score: 0.0; Published: 2021-07-20
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
CVSS Score: 8.8; EPSS Score: 0.002; Published: 2021-07-20
Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth.
CVSS Score: 5.5; EPSS Score: 0.001; Published: 2021-07-20
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
CVSS Score: 7.8; EPSS Score: 0.004; Published: 2021-07-20
Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm.
CVSS Score: 5.5; EPSS Score: 0.001; Published: 2021-07-20
Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files.
CVSS Score: 7.5; EPSS Score: 0.004; Published: 2021-07-20
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
CVSS Score: 6.5; EPSS Score: 0.001; Published: 2021-07-20
matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry), related to use of HDF5 1.12.0.
CVSS Score: 6.5; EPSS Score: 0.001; Published: 2021-07-20
The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.
CVSS Score: 5.4; EPSS Score: 0.003; Published: 2021-07-20

