Security Vulnerabilities - CVEs Published In January 2020
USG9500 with software versions V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100 and V500R005C00SPC200 has an improper credentials management vulnerability. The software does not properly manage certain credentials. Successful exploitation could cause information disclosure or damage, and impact confidentiality or integrity.
CVSS Score: 8.2; EPSS Score: 0.002; Published: 2020-01-03
HUAWEI P30 smartphones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send a specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause an information leak.
CVSS Score: 6.5; EPSS Score: 0.001; Published: 2020-01-03
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploitation may cause the device to reset.
CVSS Score: 7.5; EPSS Score: 0.002; Published: 2020-01-03
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
CVSS Score: 9.8; EPSS Score: 0.02; Published: 2020-01-03
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
CVSS Score: 8.8; EPSS Score: 0.005; Published: 2020-01-03
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
CVSS Score: 9.8; EPSS Score: 0.012; Published: 2020-01-03
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
CVSS Score: 9.8; EPSS Score: 0.023; Published: 2020-01-03
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
CVSS Score: 7.1; EPSS Score: 0.005; Published: 2020-01-03
OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000.
CVSS Score: 8.1; EPSS Score: 0.002; Published: 2020-01-03
An off-by-one error leading to a crash was discovered in OpenLDAP 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
CVSS Score: 7.5; EPSS Score: 0.052; Published: 2020-01-02