Security Vulnerabilities - CVEs Published In September 2021
The c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection.
CVSS Score: 7.2 | EPSS Score: 0.006 | Published: 2021-09-06
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of an exception condition, which leads to property violations and denial of service. Specifically, a server sometimes sends no response, because a fixed buffer space is available for all responses and that space may have been exhausted.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2021-09-05
In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. (Versions 1.0.23 through 1.0.49 are affected.)
CVSS Score: 7.5 | EPSS Score: 0.006 | Published: 2021-09-05
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
CVSS Score: 7.5 | EPSS Score: 0.01 | Published: 2021-09-05
This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).
CVSS Score: 4.2 | EPSS Score: 0.004 | Published: 2021-09-05
ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature.
CVSS Score: 5.4 | EPSS Score: 0.006 | Published: 2021-09-04
Chromium: CVE-2021-30623 Use after free in Bookmarks
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2021-09-03
Chromium: CVE-2021-30624 Use after free in Autofill
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2021-09-03
Chromium: CVE-2021-30606 Use after free in Blink
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2021-09-03
Chromium: CVE-2021-30607 Use after free in Permissions
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2021-09-03