Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2021
CVE-2021-38727
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items
CVSS Score
9.8
EPSS Score
0.012
Published
2021-09-09
CVE-2021-32485
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926.
CVSS Score
7.5
EPSS Score
0.017
Published
2021-09-09
CVE-2021-32486
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928.
CVSS Score
7.5
EPSS Score
0.017
Published
2021-09-09
CVE-2021-32487
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456.
CVSS Score
7.5
EPSS Score
0.017
Published
2021-09-09
CVE-2021-32484
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917.
CVSS Score
7.5
EPSS Score
0.017
Published
2021-09-09
CVE-2021-38540
The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution. This issue affects Apache Airflow >=2.0.0, <2.1.3.
CVSS Score
9.8
EPSS Score
0.899
Published
2021-09-09
CVE-2021-38721
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
CVSS Score
6.5
EPSS Score
0.002
Published
2021-09-09
CVE-2021-38723
FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/pages/items
CVSS Score
8.8
EPSS Score
0.002
Published
2021-09-09
CVE-2021-38725
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
CVSS Score
5.3
EPSS Score
0.002
Published
2021-09-09
CVE-2020-19144
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved