Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2021
CVE-2021-26432
Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.132
Published
2021-08-12
CVE-2021-26433
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVSS Score
7.5
EPSS Score
0.216
Published
2021-08-12
CVE-2021-33762
Azure CycleCloud Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.002
Published
2021-08-12
CVE-2021-34471
Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2021-08-12
CVE-2021-32808
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing JavaScript code. It affects all users using the CKEditor 4 plugins listed above at version >= 4.13.0. The problem has been recognized and patched. The fix will be available in version 4.16.2.
CVSS Score
7.6
EPSS Score
0.008
Published
2021-08-12
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It affects all users using the CKEditor 4 plugins listed above at version >= 4.5.2. The problem has been recognized and patched. The fix will be available in version 4.16.2.
CVSS Score
4.6
EPSS Score
0.006
Published
2021-08-12
CVE-2020-18445
Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-08-12
CVE-2020-18446
Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in ContentModel.php.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-08-12
CVE-2021-20509
IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.
CVSS Score
7.0
EPSS Score
0.008
Published
2021-08-12
CVE-2021-38291
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
CVSS Score
7.5
EPSS Score
0.018
Published
2021-08-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved