Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2018
CVE-2016-8516
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS Score
7.5
EPSS Score
0.06
Published
2018-02-15
CVE-2016-8517
A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-02-15
CVE-2016-8518
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS Score
7.5
EPSS Score
0.06
Published
2018-02-15
CVE-2016-8519
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
CVSS Score
9.8
EPSS Score
0.603
Published
2018-02-15
CVE-2016-8520
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-02-15
CVE-2016-8521
A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
CVSS Score
6.5
EPSS Score
0.012
Published
2018-02-15
CVE-2016-8522
A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-02-15
CVE-2011-4973
Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.
CVSS Score
9.8
EPSS Score
0.002
Published
2018-02-15
CVE-2014-0013
Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context is set to a user-supplied primitive value and also contain the `{{this}}` special Handlebars variable.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-15
CVE-2014-0014
Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a crafted payload.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved