Security Vulnerabilities - CVEs Published In December 2021
The Typebot | Build beautiful conversational forms WordPress plugin before 1.4.3 does not sanitise and escape the Publish ID setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2021-12-27
An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2021-12-27
An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption.
CVSS Score: 8.1 | EPSS Score: 0.002 | Published: 2021-12-27
An issue was discovered in the simple_asn1 crate 0.6.0 before 0.6.1 for Rust. There is a panic if UTCTime data, supplied by a remote attacker, has a second character greater than 0x7f.
CVSS Score: 7.5 | EPSS Score: 0.006 | Published: 2021-12-27
An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27
An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27
An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2021-12-27

