Security Vulnerabilities - CVEs Published In 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-03
A stack-based buffer overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a POST request to goform/SetIpMacBind.
CVSS Score
9.8
EPSS Score
0.012
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209706.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to view or edit a Jupyter notebook that they should not have access to. IBM X-Force ID: 206212.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client-side vulnerabilities due to a web response specifying an incorrect content type. IBM X-Force ID: 201091.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the My Inbox page which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202167.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low-level user to access areas of the application that only a privileged user should be allowed to view. IBM X-Force ID: 201087.
CVSS Score
2.7
EPSS Score
0.004
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197794.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-12-03
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 196339.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-12-03
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor.
CVSS Score
5.3
EPSS Score
0.006
Published
2021-12-03

