Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2021
CVE-2021-32139
The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33361
Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33363
Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33365
Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-end encrypted messages sent by affected clients.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-09-13
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the attacker to decrypt end-to-end encrypted messages sent by affected clients.
CVSS Score
5.9
EPSS Score
0.002
Published
2021-09-13
CVE-2021-38833
SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-09-13
CVE-2021-33366
Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33364
Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33362
Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-09-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved