Debian >> Debian Linux Security Vulnerabilities
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
CVSS Score: 5.5
EPSS Score: 0.001
Published: 2021-09-20
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.
CVSS Score: 7.8
EPSS Score: 0.002
Published: 2021-09-20
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2021-09-19
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
CVSS Score: 7.8
EPSS Score: 0.016
Published: 2021-09-19
nth-check is vulnerable to Inefficient Regular Expression Complexity
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2021-09-17
object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Score: 7.5
EPSS Score: 0.006
Published: 2021-09-17
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted file.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted file.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted file.
CVSS Score: 8.8
EPSS Score: 0.003
Published: 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted file.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2021-09-16

