Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2021
CVE-2021-25458
NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.
CVSS Score
3.3
EPSS Score
0.0
Published
2021-09-09
CVE-2021-25459
An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-09-09
CVE-2021-25460
An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-09-09
CVE-2021-25450
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket.
CVSS Score
4.5
EPSS Score
0.001
Published
2021-09-09
CVE-2021-25451
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-09-09
CVE-2021-25452
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-09-09
CVE-2021-25449
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-09-09
CVE-2021-28913
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access.
CVSS Score
9.8
EPSS Score
0.028
Published
2021-09-09
CVE-2021-39296
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
CVSS Score
10.0
EPSS Score
0.001
Published
2021-09-09
CVE-2020-19264
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved