Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2021
CVE-2021-3804
taro is vulnerable to Inefficient Regular Expression Complexity
CVSS Score
7.5
EPSS Score
0.002
Published
2021-09-17
CVE-2021-3807
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
CVSS Score
7.5
EPSS Score
0.002
Published
2021-09-17
CVE-2021-3810
code-server is vulnerable to Inefficient Regular Expression Complexity
CVSS Score
7.5
EPSS Score
0.002
Published
2021-09-17
CVE-2021-3811
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
6.7
EPSS Score
0.002
Published
2021-09-17
CVE-2021-3812
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
6.7
EPSS Score
0.002
Published
2021-09-17
CVE-2021-1939
Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CVSS Score
8.4
EPSS Score
0.0
Published
2021-09-17
CVE-2021-1947
Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVSS Score
8.4
EPSS Score
0.001
Published
2021-09-17
CVE-2021-1976
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVSS Score
9.8
EPSS Score
0.003
Published
2021-09-17
CVE-2021-3805
object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Score
7.5
EPSS Score
0.001
Published
2021-09-17
CVE-2021-20828
Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-09-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved