Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2021
CVE-2021-26844
A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-11-05
CVE-2021-42237
Known exploited
Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.
CVSS Score
9.8
EPSS Score
0.944
Published
2021-11-05
CVE-2021-25509
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25504
Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25505
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25506
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25507
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.
CVSS Score
5.7
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25508
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-11-05
CVE-2021-25501
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
CVSS Score
5.7
EPSS Score
0.0
Published
2021-11-05
CVE-2021-25502
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.
CVSS Score
7.9
EPSS Score
0.0
Published
2021-11-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved