Security Vulnerabilities - CVEs Published In November 2021
A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-11-12
Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than CVE-2021-33056.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-11-12
Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the display name of a From header.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-12
iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-11-12
A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes.
CVSS Score
6.4
EPSS Score
0.0
Published
2021-11-12
An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.
CVSS Score
8.8
EPSS Score
0.864
Published
2021-11-12
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-11-12
A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.
CVSS Score
4.3
EPSS Score
0.0
Published
2021-11-12
A potential vulnerability in the SMI callback function that saves and restores boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-11-12
The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-11-12