Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2021
CVE-2021-39923
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.015
Published
2021-11-19
CVE-2021-39924
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.049
Published
2021-11-19
CVE-2021-39925
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.079
Published
2021-11-19
CVE-2021-39926
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.075
Published
2021-11-19
CVE-2021-39929
Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.036
Published
2021-11-19
CVE-2021-3962
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS Score
7.8
EPSS Score
0.058
Published
2021-11-19
CVE-2021-44036
Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF vulnerability during import.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-11-19
CVE-2021-44037
Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-11-19
CVE-2021-22028
In versions of Greenplum database prior to 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.
CVSS Score
9.1
EPSS Score
0.024
Published
2021-11-19
CVE-2021-22030
In versions of Greenplum database prior to 5.28.14 and 6.17.0, certain statements execution led to the storage of sensitive(credential) information in the logs of the database. A malicious user with access to logs can read sensitive(credentials) information about users
CVSS Score
6.5
EPSS Score
0.01
Published
2021-11-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved