Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2021
CVE-2021-4193
vim is vulnerable to Out-of-bounds Read
CVSS Score
5.5
EPSS Score
0.003
Published
2021-12-31
CVE-2021-4192
vim is vulnerable to Use After Free
CVSS Score
5.5
EPSS Score
0.002
Published
2021-12-31
CVE-2021-45077
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-12-30
CVE-2021-45732
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools, a user can reconfigure settings not intended to be manipulated, repackage the configuration, and restore a backup causing these settings to be changed.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-12-30
CVE-2021-4181
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.0
Published
2021-12-30
CVE-2021-4182
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.0
Published
2021-12-30
CVE-2021-4183
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file
CVSS Score
5.5
EPSS Score
0.001
Published
2021-12-30
CVE-2021-4184
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.0
Published
2021-12-30
CVE-2021-4185
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.0
Published
2021-12-30
CVE-2021-4186
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
6.3
EPSS Score
0.001
Published
2021-12-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved