Security Vulnerabilities
- CVEs Published In August 2021
An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer.
An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally.
An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer does not properly limit the number of mutable references.
An issue was discovered in the generator crate before 0.7.0 for Rust. It does not ensure that a function (for yielding values) has Send bounds.
An issue was discovered in the max7301 crate before 0.2.0 for Rust. The ImmediateIO and TransactionalIO types implement Sync for all Expander<EI> types that they contain.
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.
An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a *u8 to a *u64.
An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. In Decoder::new(), slice.get_unchecked(slice.length()) is used unsafely.
An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two <CR><LF> sequences and then inject arbitrary SMTP commands.