Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2021-26505
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-08-11
CVE-2021-27523
An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-08-11
CVE-2021-27524
Cross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-08-11
CVE-2021-28025
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-11
CVE-2021-28411
An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-08-11
CVE-2021-28427
Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-11
CVE-2021-28429
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-11
CVE-2021-28835
Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-11
CVE-2021-29057
An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3, allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-08-11
CVE-2021-29378
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-08-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved