Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2021
CVE-2021-44423
An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance (ODA) Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-12-21
CVE-2021-44207
Known exploited
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
CVSS Score
8.1
EPSS Score
0.119
Published
2021-12-21
CVE-2021-45289
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-12-21
CVE-2021-45290
A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-12-21
CVE-2021-45291
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-12-21
CVE-2021-45292
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-12-21
CVE-2021-45293
A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-12-21
CVE-2020-19770
A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows attackers to steal the admin's cookie.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-12-21
CVE-2021-27445
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-12-21
CVE-2021-27447
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.015
Published
2021-12-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved