Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2018
CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.
CVSS Score
5.9
EPSS Score
0.002
Published
2018-02-23
CVE-2014-3205
backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-02-23
CVE-2014-3206
Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.
CVSS Score
9.8
EPSS Score
0.931
Published
2018-02-23
CVE-2018-6764
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-02-23
CVE-2018-0518
LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS Score
5.9
EPSS Score
0.001
Published
2018-02-23
CVE-2018-0519
Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-02-23
CVE-2018-0520
Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-02-23
CVE-2018-7339
The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-02-23
CVE-2018-6866
Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-23
CVE-2018-6867
Cross Site Scripting (XSS) exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved