Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - Known exploited
CVE-2019-0803
Known exploited
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
CVSS Score
7.8
EPSS Score
0.851
Published
2019-04-09
CVE-2019-0841
Known exploited
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
CVSS Score
7.8
EPSS Score
0.859
Published
2019-04-09
CVE-2019-0752
Known exploited
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.
CVSS Score
7.5
EPSS Score
0.92
Published
2019-04-09
CVE-2019-0797
Known exploited
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
CVSS Score
7.8
EPSS Score
0.03
Published
2019-04-09
CVE-2019-0808
Known exploited
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
CVSS Score
7.8
EPSS Score
0.523
Published
2019-04-09
CVE-2019-0703
Known exploited
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.
CVSS Score
6.5
EPSS Score
0.084
Published
2019-04-09
CVE-2019-0211
Known exploited
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
CVSS Score
7.8
EPSS Score
0.861
Published
2019-04-08
CVE-2019-11001
Known exploited
On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.
CVSS Score
7.2
EPSS Score
0.498
Published
2019-04-08
CVE-2018-4344
Known exploited
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-04-03
CVE-2019-5418
Known exploited
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
CVSS Score
7.5
EPSS Score
0.943
Published
2019-03-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved