Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2017
CVE-2016-6526
The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-01-18
CVE-2016-6527
The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-01-18
CVE-2016-6823
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-01-18
CVE-2016-7101
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-01-18
CVE-2016-7144
The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
CVSS Score
8.1
EPSS Score
0.024
Published
2017-01-18
CVE-2016-7149
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function.
CVSS Score
6.1
EPSS Score
0.006
Published
2017-01-18
CVE-2016-7150
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name.
CVSS Score
5.4
EPSS Score
0.004
Published
2017-01-18
CVE-2016-7563
The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-01-18
CVE-2016-7564
Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-01-18
CVE-2016-7799
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved