Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 11.0  Security Vulnerabilities
CVE-2021-35197
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to still "purge" pages through the MediaWiki Action API (which a "sitewide block" should have prevented).
CVSS Score
7.5
EPSS Score
0.01
Published
2021-07-02
CVE-2021-3630
An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-30
CVE-2021-3500
A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-06-24
CVE-2021-32490
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-06-24
CVE-2021-32491
A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-06-24
CVE-2021-32492
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-06-24
CVE-2021-32493
A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-06-24
CVE-2021-22895
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
CVSS Score
5.9
EPSS Score
0.004
Published
2021-06-11
CVE-2021-23215
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-08
CVE-2021-26260
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved