Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2021
CVE-2021-38203
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38204
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
CVSS Score
6.8
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38205
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVSS Score
3.3
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38206
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38207
drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.
CVSS Score
7.5
EPSS Score
0.025
Published
2021-08-08
CVE-2021-38208
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38209
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-08-08
CVE-2021-38197
unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-08-08
CVE-2021-23419
This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor payload.
CVSS Score
7.3
EPSS Score
0.004
Published
2021-08-08
CVE-2021-38192
An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-08-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved