Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  >> Backports  Security Vulnerabilities
CVE-2021-45082
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-19
CVE-2021-46141
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-06
CVE-2021-46142
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-06
CVE-2020-15803
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
CVSS Score
6.1
EPSS Score
0.021
Published
2020-07-17
CVE-2020-14983
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
CVSS Score
9.8
EPSS Score
0.007
Published
2020-06-22
CVE-2020-6493
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
9.6
EPSS Score
0.036
Published
2020-06-03
CVE-2020-6495
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVSS Score
6.5
EPSS Score
0.005
Published
2020-06-03
CVE-2020-6455
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-04-13
CVE-2020-6456
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-04-13
CVE-2020-6437
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
CVSS Score
4.3
EPSS Score
0.006
Published
2020-04-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved