Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2021
CVE-2021-20782
Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-07-14
CVE-2021-20784
HTTP header injection vulnerability in Everything version 1.0, 1.1, and 1.2 except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-07-14
CVE-2020-19719
A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.604
Published
2021-07-13
CVE-2020-19720
An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.003
Published
2021-07-13
CVE-2020-19721
A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.004
Published
2021-07-13
CVE-2020-19722
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.003
Published
2021-07-13
CVE-2020-19716
A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.001
Published
2021-07-13
CVE-2020-19717
An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.003
Published
2021-07-13
CVE-2020-19718
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVSS Score
6.5
EPSS Score
0.003
Published
2021-07-13
CVE-2021-32755
Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a new web socket implementation was introduced for users running iOS 13 or higher. This new websocket implementation is not configured to enforce certificate pinning when available. Certificate pinning for the new websocket is enforced in version 3.84 or above.
CVSS Score
5.4
EPSS Score
0.001
Published
2021-07-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved