Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2021
CVE-2020-15939
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-09-06
CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.
CVSS Score
5.2
EPSS Score
0.001
Published
2021-09-06
CVE-2021-36093
It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-09-06
CVE-2021-36094
It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
CVSS Score
5.7
EPSS Score
0.003
Published
2021-09-06
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-09-06
CVE-2021-36744
Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-09-06
CVE-2021-3766
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Score
7.5
EPSS Score
0.004
Published
2021-09-06
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
5.4
EPSS Score
0.003
Published
2021-09-06
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
5.4
EPSS Score
0.002
Published
2021-09-06
CVE-2021-3770
vim is vulnerable to Heap-based Buffer Overflow
CVSS Score
8.6
EPSS Score
0.001
Published
2021-09-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved