Security Vulnerabilities
- CVEs Published In 2020
An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A pop_back() call may lead to a use-after-free.
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
The digest generation function of NHIServiSignAdapter does not verify the parameter length, which leads to a stack overflow vulnerability. Remote attackers can exploit this flaw to execute code without privilege.
Multiple functions of NHIServiSignAdapter fail to verify the user's file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of the user's credentials.
The digest generation function of NHIServiSignAdapter does not verify the source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of the user's credentials.
HGiga MailSherlock contains a weak authentication flaw that lets attackers gain privileges remotely through the default password generation mechanism.
The "view the source code" function of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files.