Security Vulnerabilities - CVEs Published In January 2018
The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator parameter.
CVSS Score: 4.8; EPSS Score: 0.002; Published: 2018-01-12
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
CVSS Score: 8.8; EPSS Score: 0.011; Published: 2018-01-12
The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
CVSS Score: 8.8; EPSS Score: 0.005; Published: 2018-01-12
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVSS Score: 7.8; EPSS Score: 0.0; Published: 2018-01-12
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVSS Score: 6.5; EPSS Score: 0.005; Published: 2018-01-12
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
CVSS Score: 6.5; EPSS Score: 0.004; Published: 2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php.
CVSS Score: 8.8; EPSS Score: 0.005; Published: 2018-01-12
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
CVSS Score: 7.5; EPSS Score: 0.003; Published: 2018-01-12
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
CVSS Score: 7.5; EPSS Score: 0.003; Published: 2018-01-12
A use-after-free issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows an unauthenticated attacker to specify an arbitrary address.
CVSS Score: 6.5; EPSS Score: 0.003; Published: 2018-01-12

