Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2018
CVE-2018-5084
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300212C.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-03
CVE-2018-5085
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-03
CVE-2018-5086
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215F.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-03
CVE-2018-5087
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-03
CVE-2018-5088
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300211C.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-03
CVE-2017-1000460
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-01-03
CVE-2017-1000461
Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block).
CVSS Score
4.7
EPSS Score
0.002
Published
2018-01-03
CVE-2017-1000462
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-01-03
CVE-2017-1000469
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
CVSS Score
9.8
EPSS Score
0.014
Published
2018-01-03
CVE-2017-1000470
EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-01-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved