Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2018
CVE-2017-15394
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.
CVSS Score
6.5
EPSS Score
0.013
Published
2018-02-07
CVE-2017-15395
A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.
CVSS Score
6.5
EPSS Score
0.015
Published
2018-02-07
CVE-2017-15397
Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position.
CVSS Score
7.4
EPSS Score
0.003
Published
2018-02-07
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
CVSS Score
7.8
EPSS Score
0.004
Published
2018-02-07
CVE-2017-5124
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
CVSS Score
6.1
EPSS Score
0.341
Published
2018-02-07
CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
CVSS Score
7.8
EPSS Score
0.334
Published
2018-02-07
CVE-2018-6655
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-07
CVE-2018-6795
PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every profile input field.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-07
CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-07
CVE-2017-12472
ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-02-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved