Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2019
CVE-2018-5403
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
CVSS Score
8.1
EPSS Score
0.047
Published
2019-01-10
CVE-2018-5412
Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-01-10
CVE-2018-5413
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-01-10
CVE-2017-1002152
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-01-10
CVE-2017-1002157
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-01-10
CVE-2018-20684
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-01-10
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVSS Score
5.3
EPSS Score
0.032
Published
2019-01-10
CVE-2017-3718
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
CVSS Score
6.2
EPSS Score
0.001
Published
2019-01-10
CVE-2018-12166
Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
CVSS Score
4.4
EPSS Score
0.0
Published
2019-01-10
CVE-2018-12167
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
CVSS Score
4.4
EPSS Score
0.0
Published
2019-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved