Security Vulnerabilities - CVEs Published In 2021
Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-11-02
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-11-02
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could be used for XSS, such as via a SCRIPT element.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-11-02
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via shell metacharacters in a collection name. Additionally, in Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via PDF export could cause code execution
CVSS Score
7.3
EPSS Score
0.008
Published
2021-11-02
Insufficient data validation in waitid allowed a user to escape sandboxes on Linux.
CVSS Score
8.8
EPSS Score
0.036
Published
2021-11-02
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
9.6
EPSS Score
0.016
Published
2021-11-02
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.013
Published
2021-11-02
Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.013
Published
2021-11-02
Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.024
Published
2021-11-02
Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.011
Published
2021-11-02

