Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2021
CVE-2021-30603
Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-08-26
CVE-2021-30604
Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.008
Published
2021-08-26
CVE-2021-36928
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
6.0
EPSS Score
0.013
Published
2021-08-26
CVE-2021-36929
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVSS Score
6.3
EPSS Score
0.023
Published
2021-08-26
CVE-2021-36931
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
4.4
EPSS Score
0.005
Published
2021-08-26
CVE-2020-18467
Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the General menu via a crafted website name by doing an authenticated POST HTTP request to admin/tags/create.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-08-26
CVE-2020-18468
Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM_9.1/index.php/configuration.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-08-26
CVE-2020-18469
Stored cross-site scripting (XSS) vulnerability in the Copyright Text field found in the Application page under the Configuration menu in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to /rukovoditel_2.4.1/index.php?module=configuration/save&redirect_to=configuration/application.
CVSS Score
5.4
EPSS Score
0.001
Published
2021-08-26
CVE-2020-18470
Stored cross-site scripting (XSS) vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to rukovoditel_2.4.1/install/index.php.
CVSS Score
5.4
EPSS Score
0.001
Published
2021-08-26
CVE-2020-18475
Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-08-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved