Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2021
CVE-2021-40873
An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and must be restarted.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-11-10
CVE-2021-33618
Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by > and < characters in the onpointermove attribute of a BODY element to the user-management feature.
CVSS Score
6.1
EPSS Score
0.025
Published
2021-11-10
CVE-2020-23898
A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-11-10
CVE-2020-23899
A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-11-10
CVE-2020-23900
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-11-10
CVE-2020-23901
A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-11-10
CVE-2020-23902
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-11-10
CVE-2020-23903
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-10
CVE-2020-23904
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-11-10
CVE-2020-23906
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved